Beware of Christmas greetings bearing spyware as a gift

Well, it's 3 weeks to Christmas, and that means it is likely that friends & family will be sending on-line Christmas cards. But they won't all be from friends - some will be attempts to scam you out of your hard-earned money:

Bradenton Herald | 12/03/2006 | Scams hide in season's greetings

Quote:

'Tis the season to start receiving greeting cards, and a growing number of them, conveniently, will come via the Internet. There's only one problem: Some of the e-mails saying that you have an e-greeting card from a friend or family member may instead be from a scam artist intent on obtaining your Social Security number, credit card data or even brokerage account information. "People like receiving greeting cards this time of year, and they are likely to click on these greetings" if they are in their e-mail inbox, said Stu Elefant, senior product manager for McAfee Inc., an Internet security firm that markets products that detect unsafe Web sites or e-mail. "There is more cybercrime because peoples' defenses are down. They are in a more trusting mood, thanks to the holidays, and they are looking online for bargains." That is an irresistible mix for increasingly clever cybercrooks as they realize more people than ever will shop online this holiday season, as well as seek to save postage - and time - by e-mailing holiday greeting cards. (continued)

Quote:

But as more people turn to the Internet for at least some of their holiday purchases - or simply for comparison shopping - more crooks, too, are tracking their movements. The average loss per "phishing" scam grew from $257 in 2005 to $1,244 in 2006, according to a November report from Internet research firm Gartner Inc. Losses stemming from such attacks reached more than $2.8 billion this year, Gartner found. In Australia, a scam was uncovered in late October by Exploit Prevention Labs that was perpetrated through e-greeting cards. According to a TechNewsWorld story, accounts at nearly every Australian bank were affected when a major cybercrime group used fake Yahoo greeting cards to infect computers with malicious software that tracked keystrokes on PCs. This so-called "keylogger" software was used to steal credit card numbers, bank account user names and passwords. (continued)

Quote:

Indeed, since early fall, numerous computer users across the U.S. have noted a marked increase in e-card-based spam e-mail. The subject line typically reads, "You've received a greeting from a family member" or "You've received an animated postcard." The text inside these "phishing" e-mail messages asks people to "click here" to see the card. Phishing scams are an attempt to trick people into revealing personal information. If they click on these links, they could unwittingly be downloading software that could be used to separate users from their hard-earned holiday bonuses. (continued)

I don't use of these electronic greeting cards services anymore, and I delete any I get without opening them. If I want to send a card, I find a nice picture & insert that in an email from my personal email address.

I have a very excellent subscription ecard site (JacquieLawson), but to play safe, I send an explanatory email approx 30 mins before sending the card itself.

In a way, it does spoil the surprise, but it lets the recipient knows it's a legitimate site they're going to....