Greeting Card Spam
BEWARE: several weeks ago we warned you about "Postcard" or "eCard" spam, and the dangers it poses for computer users. Several people on the infomanager and AUGD list snickered. Seems both the FBI and FCC now agree...
Users on Comcast, Road Runner, AOL and other -- including Japan, China, United Kingdom and Russia are targets of the latest spam attack spoofing name-brand ecard sites to steal your identity. Obviously some computer users still haven't learned NOT to click on email from sources not authenticated.
Spam / Scam bulk mailers and / or Trojans are trying to lure users into opening a concealed computer virus in a link disguised as an online greeting card. Both the FBI and the Federal Trade Commission have issued additional warnings to consumers about the greeting-card spam
The email is convincing because the criminal spammers are 'spoofing' email addresses to make it look like the card is coming from a reputable ecard company like Hallmark or American Greetings.
Infected computers become another purveyor of the Trojan. Macintosh computers are NOT affected, in fact the link generally won't even work if accessed by a Mac running Safari or Firefox. Windows machines, because of their lack of security will immediately become infected and begin re-sending the spam. Users who actually open the link will be putting their identity at risk.
See: Washington Post article
By Sam Diaz and Alejandro Lazo (July 21, 2007; Page D03)
See: www.techlinks.net article, and Marshal Security
The following is our list gathered since yesterday, about 18 hours ago.
This incident = July 22, 2007
Trojan link = http://172.190.147.152/?8ca9a885b5e6291c3de8293ec
Owner = America Online, Dulles, VA, US
-------------------
This incident = July 22, 2007
Trojan link = http://77.101.44.98/?c36a4bc955099675c50080d0229
Owner = Cable Internet Ltd, Glenrothes, Fife, United Kingdom
-------------------
This incident = July 22, 2007
Trojan link = http://82.32.169.168/?3076a3db573383e1a7a85
Owner = Cable Internet Ltd, Glenrothes, Fife, United Kingdom
-------------------
This incident = July 22, 2007
Trojan link = http://24.159.255.139/?c36a4bc955099675c50080d0229
Owner = Charter Communications, St. Louis, MO, US
-------------------
This incident = July 22, 2007
Trojan link = http://220.141.60.8/?0d0229e368412571d7d41977bc649
Owner = Chunghwa Telecom Co., Ltd., Taipei Taiwan, TW
-------------------
This incident = July 22, 2007
Trojan link = http://71.224.223.173/?3933165b19d3383b4c009e
Owner = Comcast Cable Communications Inc., Mt Laurel, NJ, US
-------------------
This incident = July 22, 2007
Trojan link = http://209.206.240.140/?a9ebeed435601e5ee713076
Owner = Grays Harbor PDA, Satsop, WA, US
-------------------
This incident = July 22, 2007
Trojan link = http://122.126.112.130/?89c029a3ab9d352785c21a5aa808
Owner = HINET, Chunghwa Telecom Co., Ltd., Taipei Taiwan, TW
-------------------
This incident = July 22, 2007
Trojan link = http://80.92.249.101/?bc7a1ad2812c18db7e70b
Owner = Interwave communications, Ltd., Moscow, Russian Federation,
-------------------
This incident = July 22, 2007
Trojan link = http://203.156.26.82/?d55393e4dd7ae5b23933165b
Owner = Jasmine Internet, Nonthaburi Bangkok TH (Thailand)
-------------------
This incident = July 22, 2007
Trojan link = http://24.225.176.196/?e8517a32e6b9ea6878b15d770
Owner = PATRIOT MEDIA AND COMMUNICATIONS LLC, Somerset, NJ
-------------------
This incident = July 22, 2007
Trojan link = http://69.208.83.40/?46921636c804814655dc21c83715e8517a
Owner = PPPoX Pool, Chicago, IL , US and/ or
Owner = AT&T Internet Services, Richardson, TX, US
-------------------
This incident = July 22, 2007
Trojan link = http://76.87.179.8/?1c20bb5790c08a823e96272575cbc68911e
Owner = Road Runner HoldCo LLC, Herndon, VA, US
-------------------
This incident = July 22, 2007
Trojan link = http://24.26.111.99/?2785c21a5aa8088aea28abd4d5
Owner = Road Runner HoldCo LLC, Herndon, VA, US
-------------------
This incident = July 22, 2007
Trojan link = http://65.190.164.184/?c21c83715e8517a32e6b9ea6878b15d7703a3b
Owner = Road Runner HoldCo LLC, Herndon, VA, US
-------------------
This incident = July 22, 2007
Trojan link = http://65.186.192.141/?819e14b1a14a2c2d8a18529a3ab9d352
Owner = Road Runner HoldCo LLC, Herndon, VA, US
-------------------
This incident = July 22, 2007
Trojan link = http://24.29.197.247/?17a32e6b9ea6878b15d7703a3
Owner = Road Runner HoldCo LLC, Herndon, VA, US
-------------------
This incident = July 22, 2007
Trojan link = http://75.87.211.16/?19d3383b4c009ee64d82c3a9ebeed43560
Owner = Road Runner HoldCo LLC, Herndon, VA, US
-------------------
This incident = July 22, 2007
Trojan link = http://65.29.196.179/?c21c83715e8517a32e6b9ea6878b15d7703a3b
Owner = Road Runner HoldCo LLC, Herndon, VA, US
-------------------
This incident = July 22, 2007
Trojan link = http://221.135.84.113/?a39ab8183e5868911e6c36a4bc955099675c
Owner = Satyam Infoway, Taramani, Chennai, IN
-------------------
This incident = July 22, 2007
Trojan link = http://67.149.250.199/?12445ec8b2a44c604a1e290b516c
Owner = WideOpenWest LLC, Naperville, IL, US
-------------------
------------------------------
Got News?
We'd love to hear about your news, software or hardware discoveries... just post at: our review input forms------------------------------
