[KY4KY] "You have a card" Scam
K4RVM - Bob Myers
k4rvm at critterbob.com
Thu Jul 5 18:56:42 PDT 2007
Well, it's time once again to try to scam computer users into inviting a virus onto their computer. This time, it comes in the form
of an email announcement that you received a greeting card.
Here's how to tell the fake ones from the real ones:
The real cards email will look something like this:
Critterbob (critterbob at critterbob.com) has sent you a Jacquie Lawson electronic greeting card.
Please click on the following link to see your card. If your e-mail program has not displayed this as a link, then please copy the
following into the Address or Location bar of your Internet browser.
Alternatively, please visit http://www.jacquielawson.com and select the Pick Up Card option in the menu. Then enter your card code,
If you have any problem at all viewing your card, please click here:
If you do not wish to receive e-cards from jacquielawson.com, please click here:
Our ref: JLC299916062-CS / 1244757042999
jacquielawson.com, PO Box 1567, Wedmore, Somerset BS28 4YD, United Kingdom.
The fake one will look more like this:
A friend has sent you an electronic greeting card from ECard.com.
Please click on the following link to see your card.
Or just go to http://18.104.22.168/ by clicking this link or typing it in.
The enter your reference code: aadsflkyerwfgesfgtewdlsaybng
The fake ones will say from "a neighbor", "a classmate", "a friend" or something like that and not give you a name. The real one
gives your name and the sender's email and/or name.
The fake ones give a set of numbers for the card's address instead of the real web site name.
DO NOT GO TO THESE NUMBERED LINKS. Two of the five I received linked to a site with a Trojan virus called JS/Psyme. This has been
around since 2004, but is now being exploited again. If you go to the link using Internet Explorer the built-in Active X controls
will invite the virus right onto your computer. Users running Firefox will not have this problem since Firefox does not use the
dangerous Active X. However, it is advised not to go to these sites at all.
Bullitt Amateur Radio Society: http://KY4KY.com
KY4KY.com Weather Center: http://KY4KY.com/weather
Greater Louisville Hamfest Assoc.: http://critterbob.com/glha
More information about the KY4KY