Virus: You've Received a (Hallmark) Postcard from a Family Member!
Examples:
[Collected via e-mail, November 2012]
PLEASE FORWARD THIS WARNING AMONG FRIENDS, FAMILY AND CONTACTS!
You should be alert during the next few days. Do not open any message with an attachment entitled *POSTCARD FROM HALLMARK*, regardless of who sent it to you.
It is a virus which opens *A POSTCARD IMAGE,* which 'burns' the whole hard disc C of your computer.
This virus will be received from someone who has your e-mail address in his/her contact list.
This is the reason you need to send this e-mail to all your contacts. It is better to receive this message 25 times than to receive the virus and open it.
If you receive an email entitled *"POSTCARD,"* even though it was sent to you by a friend, do not open it! Shut down your computer immediately. This is the worst virus announced by CNN.
It has been classified by Microsoft as the most destructive virus ever.
This virus was discovered by McAfee yesterday, and there is no repair yet for this kind of Virus.
This virus simply destroys the Zero Sector of the Hard Disc, where the vital information is kept.
[Collected via e-mail, April 2008]
You have just received a virtual greeting from a family member!
You can pick up your greeting at the following web address:
clicking the link below:
http://www.123greetings.com/?a91-valets-cloud-187
If you can't click on the web address above, you can also visit E-Greetings at http://www.123greetings.com/ and enter your pickup code, which is: a91-valets-cloud-187
(Your greeting will be available for 60 days.)
[Collected via e-mail, June 2007]
You've received a postcard from a family member!
Good day.
Your family member has sent you an ecard from notme.hk.
Send free ecards from notme.hk with your choice of colors, words and music.
Your ecard will be available with us for the next 30 days. If you wish to keep the ecard longer, you may save it on your computer or take a print.
To view your ecard, choose from any of the following options:
--------
OPTION 1
--------
Click on the following Internet address or
copy & paste it into your browser's address box.
Copy & paste the ecard number in the "View Your Card" box at http://notme.hk/
Your ecard number is
6e47840d8e117868911e6c3
Best wishes,
Postmaster,
notme.hk
*If you would like to send someone an ecard, you can do so at
http://notme.hk/
Variations: Other subject lines used with this message include the following:
You've recieved a Hallmark E-Card!
You've received a greeting card from a school-mate!
You've received a greeting ecard from a class mate!
You've received a greeting ecard from a neighbour!
You've received a greeting postcard from a partner!
You've received a greeting postcard from a worshipper!
You've received a postcard from a family member!
You've received a postcard from a neighbour!
You've received a postcard from a worshipper!
You've received an ecard from a colleague!
Class-mate sent you an ecard from vintagepostcards.com!
Colleague sent you a greeting ecard from postcardsfrom.com!
School mate sent you a greeting ecard from greetingcard.org!
Family member sent you a postcard from dgreetings.com!
Neighbour sent you a greeting ecard from NetFunCards.com!
School-mate sent you an ecard from mypostcards.com!
Worshipper sent you an ecard from greetingcard.org!
Colleague sent you a postcard from egreetings.com!
Neighbour sent you a greeting ecard from all-yours.net!
School friend sent you an ecard from postcards.org!
Holiday e-card
Movie-quality e-card
Love postcard
Birthday e-card
Thank you card
Musical postcard
Funny postcard
Synopsis: Computer viruses have been distributed through e-postcard notifications in the past, but current warnings of such viruses are generally outdated or outright hoaxes.
Origins: Many web sites offer a service that allows a user to send a customized "greeting card" (or "postcard") to a relative, friend, or acquaintance, delivered
as an e-mail message containing a hyperlink which the recipient follows to visit the originating site and view the card. Sending out phony e-card notifications is therefore an effective method of camouflaging viruses and inducing unwitting recipients into clicking on links that install malicious programs onto their computers.
A wave of malicious messages (like the one reproduced above) sent out in June 2007 employed that very technique, arriving in inboxes bearing subject lines such as "You've received a postcard from a family member!" The messages contained URLs that recipients were supposed to visit to retrieve their e-cards, but those URLs actually pointed to servers hosting a variety of malware (including a variant of the Storm Trojan, "an aggressive piece of malware that has been hijacking computers to serve as attacker bots" since early 2007) that was furtively installed onto victims' PCs. (Generally, only unpatched Windows-based systems were vulnerable.)
The underlying worm was the same one that had appeared in messages with subject lines as "Sending You All My Love," the
"Laughing Kitty," the "Dancing Skeleton," as well as several game and music download offers. According to spamtrackers.eu:
The storm network is large enough to cut off internet access from any institution its operators choose to attack via a "distributed denial of service attack," in which hundreds or thousands of computers request files from a server simultaneously. The entire country of Estonia was brought down that way last year. The network is actually available for rent for anyone who wishes to use it to send spam, host illegal websites, or stage denial of service attacks.
Storm is a serious threat for several reasons. It communicates "peer-to-peer" instead of via a "command and control" network. For that reason, you can't just disable a few computers that are feeding instructions to the others. The virus download is encrypted, so it is difficult for antivirus programs to recognize, and infected computers are updated by the peer network on a daily basis to keep antivirus programs from recognizing it once they are updated to recognize previous editions of the virus. The number of infections worldwide is massive, and a quarter of them are on major networks in the US like SBC, Comcast, and Roadrunner. That means that a bank or other business under denial of service attack can't simply block all traffic from certain segments of the internet, because it would be blocking its own users that are sharing those same internet addresses with storm infected computers as they log in and out of the internet. It is believed that Storm's operators are located in St. Petersburg, Russia, are known to the Russian government, and enjoy its protection.
Since antivirus programs will not protect your computer, the most important thing is for people to be extremely suspicious about where they go and what they click on. Never click on any link in an email from someone you don't know. Never click on a link in an advertisement on the internet — if you want to visit that site, look up the address yourself.
Since many of these types of malicious messages imitate notifications from legitimate e-card sites, recipients should get into the habit of never clicking on links contained within e-card notification e-mails. Instead, go directly to the web site of the card company, find the card pickup page within that site, and enter the ID code included in the e-mail. (If the message was a fake, the worst that will happen is that you won't get a card.)
However, although the fake greeting card or postcard lure for delivering viruses may be used again in the future, warnings like the ones referenced above are several years old and no longer pose any threat to computer users who have relatively up-to-date anti-virus software. For the most part, messages currently forwarded by well-intended people to warn others about the Postcard virus merely contribute to confusion by including hoax elements within them, as well as links to our article about the "Virtual Card for You" hoax. Other versions of the postcard virus warning erroneously combine it with elements of the Invitation virus hoax:
Get this E-mail message sent around to your contacts ASAP. PLEASE FORWARD THIS WARNING AMONG FRIENDS, FAMILY AND CONTACTS! You should be alert during the next few days. Do not open any message with an attachment entitled 'Invitation' OR ONE CALLED 'POSTCARD,' Regardless of who sent it to you. It is a virus which opens an Olympic Torch OR A POSTCARD IMAGE, which 'burns' the whole hard disc C of your computer. This virus will be received from someone Who has your e-mail address in his/her contact list. This is the reason why you need to send this e-mail to all your contacts. It is better to receive this message 25 times than to receive the virus
and open it.
If you receive a mail called 'Invitation' even though sent to you by a friend, do not open it. Shut down your computer immediately.
This is the worst virus announced by CNN. It has been classified by Microsoft as the most destructive virus ever. This virus was discovered by McAfee yesterday, and there is no repair yet for This kind of virus. This virus simply destroys the Zero Sector of the Hard Disc, where the vital information is kept.
COPY THIS E-MAIL, AND SEND IT TO YOUR FRIENDS. REMEMBER: IF YOU SEND IT TO
THEM, YOU WILL BENEFIT ALL OF US.
BIG VIRUS COMING !!! PLEASE READ & FORWARD !!!
http://www.snopes.com/computer/virus/postcard.asp
Hi All, I checked with Norton Anti-Virus, and they are gearing up for this
virus!
I checked Snopes (URL above:), and it is for real!!
Get this E-mail message sent around to your contacts ASAP.
PLEASE FORWARD THIS WARNING AMONG FRIENDS, FAMILY AND CONTACTS! You should be alert during the next few days. Do not open any message with an attachment entitled 'POSTCARD,' regardless of who sent it to you. It is a virus which opens A POSTCARD IMAGE, which 'burns' the whole hard disc C of your computer. This virus will be received from someone who has your e-mail address in his/her contact list. This is the reason why you need to send this e-mail to all your contacts It is better to receive this message 25 times than to receive the virus and open it.
If you receive a mail called' POSTCARD,' even though sent to you by a friend, do not open it! Shut down your computer immediately.
This is the worst virus announced by CNN. It has been classified by Microsoft as the most destructive virus ever. This virus was discovered by McAfee yesterday, and there is no repair yet for this kind of virus. This virus simply destroys the Zero Sector of the Hard Disc, where the vital information is kept.
COPY THIS E-MAIL, AND SEND IT TO YOUR FRIENDS. REMEMBER: IF YOU SEND IT TO THEM, YOU WILL BENEFIT ALL OF US
Snopes lists all the names it could come in.
Although the Postcard virus was real, it isn't a "BIG VIRUS COMING" (it's already been around in multiple forms for a long time now), it will not "burn the whole hard disc" of your computer, CNN didn't classify it as the "worst virus" ever, and it doesn't arrive in messages bearing a subject line of 'Invitation.'
