[ad name=”new”]
Yesterday I received an e-mail purportedly from Hallmark cards telling me a friend had sent me an e-card. I immediately knew it was fake but was surprised that it led not directly to a phish (phoney) website but to a trojan download. So don’t click the link; it’s not from a friend but a cyber-criminal.
I cut and pasted the e-mail here in italics. (Notice the error in the subject line, “send” instead of “sent.”. Often fraudulent e-mails have misspellings or display poor English.)
From: “Hallmark Cards”
Subject: You have a card send from a friend!
Date: Mon, 5 May 2008 03:18:53 +1000
Hello ,
A friend has sent you a Hallmark Ecard
Click here to view your Ecard .
If you would like to return an Ecard to him simply go to http://ecards.msn.co.uk/
MSN
in association with
Hallmark Cards
Your privacy is our priority. Click the “Privacy and Security” link at the bottom of any page on http://ecards.msn.co.uk/ to see our privacy policy.
The link to view the e-card immediately initiated a download of the malware trojan horse . So beware an e-card from a unspecified or generic friend. I suspected something was amiss because the misspelling of “send” instead of “sent,” an unlikely error for a major retailer like Hallmark. Also it didn’t say which friend had sent it, which e-card e-mails usually do.
Click here to see what Hallmark says about these fraudulent e-cards.
[ad name=”new”]
I knew it was a phish (fraudulent) and wanted to report it to Phishtank so that is why I clicked the the link. However, instead of taking me to a phoney website, it started downloading the spyware immediately. To click the link, I deliberately used a Mac as a precaution. Macs are not susceptible to most spyware. Afterward, I ran my Mac virus software anyway. But I thought I would warn you. I still don’t know how to report it to Phishtank. I wrote to them but they didn’t write back. Sigh. Another unrequited relationship for Ms. Ducktoes.
Zapchast Trojan is the trojan. It is the most dangerous kind. It allows the criminal to take control of your computer. Click here for removal instructions. They are difficult, I warn you.
Also see this Ducktoes blog post on fixing the Hallmark Card malware. It will tell you some free or trial antispyware programs that will fix the Hallmark virus.
Or you can use Spyware Doctor with Antivirus. I am a reseller for this product, and it will work very well although it isn’t free. Spyware is getting worse and worse and Spyware Doctor is the highest rated antispyware. It will fix your problem.
[ad name=”co-2″]
[ad name=”new”]
12 Responses
I received a similar email and stupidly clicked on the link. It downloaded the file to my “Downloads” folder and I did not click on it to open it, but rather moved it to the Trash. I have a Mac. Should I be concerned that my Mac has this virus?
I did too, on my Mac, and nothing happened!! So I wouldn’t worry. But if I downloaded it to a Windows machine, I’d worry big time and run a virus software right away to get it off of there.
I did the same my computer slowed down a bit, scanned it with SuperAntiSpyware free edition & it found Trojan.Dropper/SVCHost -Fake.Process. In case anyone needs help in getting rid of it.
Pink
Thanks for the help. I agree!! I discovered SuperAntiSpyware free edition while trying to remove Windows XP 2008, the most difficult virus/trojan I’ve tried to clean.
I will add SuperAntiSpyware in my list of fixes and removal tools in my other post on the Hallmark card virus.
I have Window XP Pro. I click the link from the email and then realize it is a spam. I am not sure if I get the virus.
I already run the SuperAntiSpyware free edition which didn’t find anything. I also run Spybot Search & Destory and didn’t find anything. I also run Norton Anti virus and didn’t find anything.
So is that mean I computer is ok?
Please help.
Hi Joe,
Maybe you stopped it before your computer got infected. But just in case you could try Malwarebytes too.
I got one recently from an “unknown admirer”…..unfortunatly i was lonely enough to click on it 🙁
thnaks for sharing
What free virus software would you recommentd
I recommend both Avira and AVG both of which you can find online either at their respective websites or at http://download.cnet.com. Both are really good at catching viruses. Google either one and find the result that includes download.cnet.com in its address.
I used to prefer AVG over Avira until AVG stopped working with Combofix. I liked it better because of its easier user interface. Now I prefer Avira since you don’t have to uninstall it to run Combofix, which is, unfortunately, the only solution sometimes to an infected computer. Whoever, sUBS is, he ought to receive knighthood or hero-hood for the amount of computers he saves on an hourly basis, and does not even receive payment for it. What selflessness and expertise in one person!! Only people who are experienced techs should use Combofix, however.