Note right off that this virus/trojan email has a Subject line of:
You Received Online Greeting Card
not
You Received An Online Greeting Card
Right away you should be alerted that this is not likely a legitimate greeting. The image contained in the email appears to be one actually used by 123Greetings.com:
http://i.123g.us/c/efeb_cuddleday/card/104506.gif
Click for Larger Image
But the hyperlink does not take you to a greeting card, or to 123Greetings.com either, for that matter.
The file that the hyperlink will actually load is a file usually named “setup.zip” and if the user downloads and runs this file then their PC will become infected and part of the spam bot zombie network used to send both virus emails and spam advertisements as well.
While the URL changes within the campaign, the hyperlink destination will generally be constructed like:
http://RandomString.googlegroups.com/web/setup.zip
So far, only the “RandomString” is unique, and all virus/trojan files are shared and spread through countless bogus “Google Groups” accounts that are expressly used for the purpose of spreading these viruses. This is a particularly good tactic on their part, and for several reasons:
- The use of a “googlegroups.com” URL within the spam message can reduce the likelihood of spam filters stopping the message.
- Many users erroneously assuming that anything “Google” is good, and are therefore are willing to download and run the trojan file, thus infecting their own computers.
- The ease with which the spammer can quickly create bogus “groups” and upload their virus files.
Combining all three of the above makes this tactic exceptionally efficient for spreading viruses throughout the Internet.
- -
OnlyMyEmail is an award winning hosted spam filtering service and business email hosting provider. Our enterprise cloud computing anti-spam solution, the MX-Defender, has the highest capture rate of any spam filter ever tested in the VBSpam Challenge, blocking a record setting 99.9993% of all malicious and junk email.
Our Personal spam filtering system is also a Software as a Service (SaaS) solution and has won both the PC World "World Class Award" and also the PC Magazine "Editor's Choice Award."
OME-Kids is a webmail solution that protects children from spam and other harmful emails. OME-Kids offers unique Parental Controls that allow you to choose the level of security and oversight that's right for your child.
Related posts:
