I have seen these messages in my Gmail spam box quite regularly. Be on the look out...
Someone send you an e-greeting? Don't open it
August 6, 2007
BY MIKE WENDLAND
FREE PRESS COLUMNIST
Feeling popular these days?
To judge by the amount of e-mail circulating through cyberspace claiming to be greeting cards sent by secret admirers, long-lost school chums or colleagues sending you their best wishes, it's like the Internet has turned into a delivery system for group hugs.
Don't fall for it.
There's nothing friendly at all about this sudden greeting card deluge. Instead, it's yet another effort by hackers and malicious virus-writers to infect your computer with junk that, at best, clogs and slows down your hard drive or, at worst, turns your computer into a zombie machine that the bad guys can control to spew out spam or launch cyberspace attacks.
"This is one of the worst attacks we've seen in years," said Adam Swidler, a senior manager with the Internet security company Postini. "The bottom line here is if you get a note saying you have an e-greeting card and to click a link to open it... whatever you do, don't."
Instead of a greeting, the link leads to what is known as the Storm Worm, a powerful snippet of code that installs on the unsuspecting user's computer and then begins to send out spam to everyone on the user's contact list.
Once installed, the computer, in effect, becomes what is known as a bot, as in robot, remotely programmed to send out e-mail announcing the phony greeting cards to everyone on the user's address book.
Both the FBI and the U.S. Federal Trade Commission have issued official warnings to consumers about the e-greeting card scam and the malware -- short for malicious software -- it installs.
"Like many other Internet fraud schemes, the perpetrators use social engineering tactics to entice the victim, claiming the card is from a family member or friend," according to the official warning from the FBI's Computer Crime Complaint Center. "Although there have been variations in the spam message and attached malware, generally the spam directs the recipient to click the link provided in the e-mail to view their e-card. Upon clicking the link, the recipient is unknowingly taken to a malicious Web page."
The Web pages are taken down as soon as a worldwide team of spam fighters identifies them. But the people behind the attack have been setting up new sites with each barrage of e-mails and it is from a link on those sites that the malware is installed.
The Storm Worm first surfaced in Europe in January and is so named because the first messages tried to capitalize on a series of winter storms there, urging recipients to click a link for storm-related information.
It died down quickly only to begin with again with a vengeance earlier this summer, this time attached to the e-greeting card spam scam.
Swidler says it identified more than 400 million of the fake greeting card messages in July alone.
"This is one of the worst and sustained attacks the Net has undergone and quite frankly, there's an incredible amount of concern that whoever is behind this has assembled a bot army that is going to continue this for some time," he said. "This is quite ominous, really."
So far for 2007, the number of virus and worms being circulated on the Net is twice what it was last year at the same time, said Swidler. "On some days over the last month, it's been 10 times more. This is a very difficult problem to contain and so far, whoever is behind it is way ahead of those trying to stop them."
MIKE WENDLAND is the Convergence Editor and Video Columnist for the Free Press. He can be reached at firstname.lastname@example.org or 313-222-8861. To see Mike's video report on this, go to www.freep.com/wendlandvideo