Posted by chris on Wednesday, December 16, 2009 – 10:20 AM
Filed under malware, virus
Tagged as malware, virus
Just got an e-mail that says it’s from e-cards@hallmark.com with the subject: You have received A Hallmark E-Card! It had an attachment called Postcard.zip which was identified by my antivirus, I use NOD32 by E-Set
__________ ESET NOD32 Antivirus warning, version of virus signature database 4693 (20091216) __________
Warning, ESET NOD32 Antivirus found the following threats in the message:
Postcard.zip – probably a variant of Win32/Merond.AA worm – deleted
Postcard.zip > ZIP > document.chm .exe – probably a variant of Win32/Merond.AA worm – was a part of the deleted object
This came from one of my works TV affiliates mailing list. So I am guessing it is one that goes through your address book and sends itself to everyone on there.
Figured this was also a good time to remind people to be careful with any “e-cards” they get. Watch out for infected attachments, as was the case with this one, and watch for links that send you to websites designed to infect you or steal your identity / information.
Posted by chris on Friday, December 4, 2009 – 3:09 AM
Filed under phishing, scams
Tagged as phishing
Phishing scams seem to keep on rolling. Recently I have been seeing a lot of them that claim to be survey companies. They aren’t too hard to spot. The e-mail address that they supposedly come from, may be a legit survey company. In the body they will ask you to register by filling in all your information like name, address, phone number etc. and send it to and email address that is in the body of the e-mail. This is what makes it so easy to spot. The e-mail address they want you to send your “registration” info to is different than the one listed in the header and usually a variation of it. For example, I got one that said it was from register@surveys.com in the e-mail’s header, yet they wanted you to send your registration information to surveys@gmail.com or @yahoo.com or some other address. If these were legit, they wouldn’t have you register by e-mailing your information and to an address that’s different from where it supposedly came from. I don’t think any of them would have you e-mail them your information at all, you would register on a website. So far I have seen 6 variations of this in about a week. I wouldn’t be surprised if they actually set up websites with registration forms next. Just to be safe, I would never send identity related information to anyone no matter what they claim they need it for, unless you expected the e-mail in the first place. Remember, just because an e-mail says it’s from someone, this can be spoofed to say anything.
