Warning: New Virus Disguised as eGreeting Card
By CO Staff @canadaone | January 2, 2006
One of our staff received an email greeting card that appeared to come from a large greeting card website. When the person clicked on the link to the card the Internet was - luckily - down for a moment.
Lucky, indeed, for what loaded in the browser was a link with a small but potentially damaging extension - .exe had been added to the full path. As it turns out, the .exe was not visible in the email because these letters had been changed to white using an HTML tag.
When we found no evidence of a postcard.gif.exe virus we immediately contacted a security staff member at CA and learned that this was a new virus, MIRC/IRC Flood.
This new trojan virus tricks the recipient by making them believe that they are about to load a greeting card from a friend or colleague. This is why it is critical to take great care when clicking on links embedded in emails. If you are not certain that the email is legitimate, the best course of action is to not click at all.
While there are many variations to how this virus could be sent, here is the email that was received by our staff member. We will provide additional details on this virus and its removal as they become available.
Email with Trojan Horse link:
You have received a virtual greeting card !
You can pick up your postcard at the following web address:
(Your postcard will be available for 3 days.)
If you can't click on the web address above, you can also
visit E-Greetings at:
Oh -- and if you'd like to reply with a postcard,
you can do so by visiting this web address:
We hope you enjoy your postcard, and if you do,
please take a moment to send a few yourself!
Regards,
and enter your pickup code, which is:
(Or you can simply click the "reply to this postcard"
button beneath your postcard!)
Promenada E-Greetings and Postcards just for You !
If you enjoyed this article, be sure to visit CanadaOne's article knowledge base for more informative articles.