Sunday, February 22, 2009

Fake Hallmark Cards

I'm stealing ... uh, borrowing this blog from JFF today. They want to be able to visit some of you later and they need the use of this computer to do it. So, they don't really mind if I borrow their blog. Do you, guys? They're watching me, but none are shaking their head no.

I have always enjoyed receiving e-cards from Hallmark and a couple of other places I trust. I've received an endless stream of "e-cards" from various places that I've just deleted. A real card would tell you who it is from, not just that you received "a card from family or friend" I don't ever click on a card without knowing who it is from and if I have any doubt whatsoever, I email for confirmation the person actually sent it or I just delete it. I would far rather someone be upset with me for deleting their card than to pick up a virus for being too trusting.

I just received one with, "You've received a Hallmark E-card" as the subject. It was from: "postcards @hallmark.com. I was immediately suspicious because Hallmark always includes who sent one of their cards. One good thing about Outlook Express, it allows you to check out the properties without opening the message. I noticed it had an .exe attachment and lots of code. But out of curiosity, I went to Hallmark and searched for "postcard."

They have a good list of what to do and what not to do. I hope they don't mind I'm borrowing it. The link to the information is at the bottom.

Oh, and before I forget, I receive some cards others have received and they pass on the link to others. I really prefer not to receive a second-hand link to a card since the one forwarding it could be passing on a link to spyware or a virus without realizing it and there is no way I would be able to know until too late.

Yesterday I saw a post on a blog about an important Microsoft update. I assumed it came from a news source but when I googled it, I found it was from an email and if anyone clicked on the link in the message, the program downloaded would not be from MS. I'm posting this as a reminder to be very careful of what you click on! And what you download. Some gadgets and widgets appear to be fun but when downloaded can wreak havoc on your blog and/or computer.

Surf wisely and be safe!
Jan

Okay, guys, you can go visit your friends now.

***********************

Is Hallmark sending spam E-Cards?
Fraudulent E-Card appears to be from Hallmark
Hallmark is one of several greeting card companies being targeted via fraudulent e-mails that are flooding the Internet. These e-mails claim to have a link to an E-Card from a family member, friend or neighbor. Clicking on the link downloads a virus onto your computer that compromises personal data.
What you can do:

Delete the e-mail without opening it.

If you have opened it and want to forward it to us, send it to abuse@hallmark.com. Due to the large amount of e-mail we receive at that address we will not be able to reply to your e-mail, but we will investigate. Then delete the e-mail from both your inbox and your sent folder. If you click on the link in the bogus e-mail, you will launch a Trojan virus. This virus installs an Internet Relay (IRC) chat client and causes the infected computer to connect to an IRC channel. Attackers then use that connection to remotely command your machine for the purpose of gathering your personal information. An example of this virus is the Zapchast virus.

If you use Windows XP and Internet Explorer you should visit update.microsoft.com to update your browser and operating system. Then you will be less likely to be affected by the virus.

Report suspicious e-mail to your e-mail service provider so they can take action.

File a complaint at http://www.ic3.gov/.
If you are unsure if you've received a legitimate Hallmark E-Card, don't click on a link in the e-mail. Instead locate the EG number in the e-mail and use our E-Card pickup.
What Hallmark is doing:

Contacting the Internet providers identified as the source of the spam requesting that they shut down the imposters.

Working with Microsoft to include the virus code in their phishing filter to protect consumers who use their web browser and e-mail client software.

Working with anti-virus software corporations to get the virus code added to virus definition updates.

Reviewing Hallmark’s E-Card notification and pickup procedures.

Educating consumers about how to avoid E-Card abuse.

How to tell if a Hallmark E-Card notification is real:
1. Hallmark e-card e-mails do not include any attachments. To be safe, if you receive an e-card notification with an attachment delete it immediately then empty your "trash" or "deleted e-mails" from your email client.
2. A legitimate Hallmark e-mail notification will come from the sender’s e-mail address, not Hallmark.com.
3. The sender's first name and last name will appear in the subject line. If you do not recognize the name of the person sending the E-Card, do not click on any links in the e-mail. Delete the e-mail.
4. The notification will include a link to the E-Card on Hallmark.com as well as a URL that can be pasted into a browser.
5. The URL will begin with http://hallmark.com/ followed by characters that identify the individual E-Card.
6. Hallmark E-Cards are not downloaded and they are not .exe files.
7. In addition, Hallmark.com will never require an E-Card recipient to enter a user name or password nor any other personal information to retrieve an E-Card.

E-mail Safety Tips
* Don't open e-mails you know are spam. A code embedded in spam advertises that you opened the e-mail and confirms your address is valid, which in turn can generate more spam.
* Don't open e-mails from unknown senders.
* Don't open attachments in e-mails unless you are expecting to receive one. If you receive an attachment that you are not expecting, even if it’s from someone you know, first read the e-mail and make sure the attachment is legitimate. If you're still not sure, call or e-mail the sender to confirm, but do not reply to the original e-mail.
* Don't click on links in e-mails that appear to be from financial companies (PayPal, banks, credit card companies, etc.) that direct you to verify or confirm account details. Instead, call the company if you are concerned about your account

Hallmark Answer link to the above information.

15 comments:

  1. Hi Jan, Excellent post...we cannot b reminded to much on email safety...i get those too, and delete them..in fact, i am sooo watchful that i prolly delete "real" emails...what worries me, is when they send to u using a friends name..how do u no when to open..(this is what i mean b prolly deleting a legit email)..i have no idea y anyone would want to send anybody a virus..just makes no sense to me..

    b safe,
    rockys mama..

    ReplyDelete
  2. thanks for posting that...im always leary of anything from a bank or Comcast, which is our internet provider, but i NEVER thought about hallmark, im always getting cards from people...thanks for making me aware of this...ps, great blog!

    ReplyDelete
  3. Thanks for stopping by our blog! :)

    ReplyDelete
  4. Great info - thanks. If you want A LOT more info on this, I went to snopes.com to search for more and this link will tell you more.

    http://www.snopes.com/computer/virus/postcard.asp

    I know we're talking about evil links and here I am posting one :/

    ReplyDelete
  5. Good information. I have been getting emails from BankAmerica for about seven years and I have never had an account with them.

    I'm a very paranoid emailer and I would rather hurt someone's feelings than go to an unknown link. If they ask why I didn't get their card, then I'll know it's safe.

    ReplyDelete
  6. Thanks for the warning. Our mom takes precautions like you mention, but it is so important to keep informed about new virus threats, because the bad guys are always coming up with new ways to trick people into catching computer viruses.

    ReplyDelete
  7. Jan, thanks for reminding us to be safe online. Eldest boy bean once downloaded a virus that killed Windows. Thankfully a good friend talked Mommy through how to download the patch and fix it. Something she wouldn't have been able to do IF the computer had not had two seperate drives as the drive Windows was on was hosed. But Mommy said lots of bad words. ~S,S,C & F

    ReplyDelete
  8. Thanks for the good reminders. We always copy and paste links into our browser rather than click on them. If they can't be copied, we delete them unless we are 100% sure who it is from.

    ReplyDelete
  9. Great job!

    My mom has been getting a good number of those Mikhroskhwish updates emails at her office...she knows they aren't real...

    I'm glad woo've spread the word!

    Hugz&Khysses,
    Khyra

    ReplyDelete
  10. Thanks so much for the information. My mom does pretty well with all of the attachments and links in emails, but she keeps trying to teach my grandpa bean! He wants to open everything.

    ReplyDelete
  11. It's good to be reminded of such things - thanks much! :)

    ReplyDelete
  12. Oh.. thanks for the warning.. There really is alot of fake things on the internet now

    ~ Bae

    ReplyDelete
  13. Thanks for the information! Those viruses and what nots really are a pain!!

    ReplyDelete
  14. Hi Jan,
    Thanks for the warning... our mom does not usually pay attention to the details, hence your warning is a great reminder!!

    ReplyDelete
  15. great post!!!

    to answer your question in our comments: we are in the eastern time zone. There's a trick to changing the dates of your post - when you do your post and publish it, go right back and edit the post - right underneath the box where you type your content, there's a link called Post Options. When you go in there, you can change the date and time of your post. We has to publish our posts the night 'afore 'acause mommy goes to bed early, and she's too busy in the morning to help us. (Plus, we's eating prekfest too).
    Hope this helps!!!

    ReplyDelete

Thanks. We love to hear from you.