Greeting Card spam
Been getting a steady flow of greeting card spam trying to get me to visit some different sites. All the IPs are in the bowels of Comcast.
Hi. Friend has sent you a greeting ecard.
See your card as often as you wish during the next 15 days.
SEEING YOUR CARD
If your email software creates links to Web pages, click on your card’s direct www address below while you are connected to the Internet:
http://98.199.79.254/?8911e6c36a4bc955099675c500
Or copy and paste it into your browser’s “Location” box (where Internet addresses go).
We hope you enjoy your awesome card.
Wishing you the best,
Administrator,
AmericanGreetings.Com
Hi. Neighbour has sent you an ecard.
See your card as often as you wish during the next 15 days.
SEEING YOUR CARD
If your email software creates links to Web pages, click on your card’s direct www address below while you are connected to the Internet:
http://24.34.120.226/?71d7d41977bc649ea95523893
Or copy and paste it into your browser’s “Location” box (where Internet addresses go).
We hope you enjoy your awesome card.
Wishing you the best,
Administrator,
netfuncards.com
Hi. Worshipper has sent you a greeting card.
See your card as often as you wish during the next 15 days.
SEEING YOUR CARD
If your email software creates links to Web pages, click on your card’s direct www address below while you are connected to the Internet:
http://71.203.99.209/?3c5c036b0339eb3a6075338ee7c
Or copy and paste it into your browser’s “Location” box (where Internet addresses go).
We hope you enjoy your awesome card.
Wishing you the best,
Webmaster,
egreetings.Com
Update: I posted this and then went looking at some other blogs. I found this on the Symantec blog State of Spam post:
Greeting card spam containing links to viruses was seen in higher than usual numbers in July. More than 250 million Symantec customers were targeted with these message types. Around the Fourth of July a particularly large outbreak was seen and blogged on. The content of the greeting cards consists of an exposed IP address in most cases, which is a very good indicator that the card is not genuinely good. These exposed IP address links were downloading Trojans onto computers. A sample of this message type can be seen in the August State of Spam Report.
Vet
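The indicator described in the Symantec quote, a link whose host is a bare IP address instead of a domain name, can be checked mechanically in a mail filter. The sketch below is an added example, not code from this post or from Symantec; the function names and sample messages are constructed, and the addresses come from the RFC 5737 and RFC 3849 documentation ranges. It goes slightly beyond the dotted form seen in the samples above by also flagging hosts written as a single decimal or hex integer.

```python
import ipaddress
import re
from urllib.parse import urlsplit

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)
INT_HOST_RE = re.compile(r"0x[0-9a-f]+|[0-9]+")

def host_as_ip(host):
    """Return an ipaddress object if host is an IP literal, else None."""
    try:
        return ipaddress.ip_address(host)        # dotted quad or IPv6
    except ValueError:
        pass
    if not INT_HOST_RE.fullmatch(host):
        return None
    try:
        value = int(host, 0)                     # 3221225985 or 0xc0000201
    except ValueError:                           # leading-zero forms are not decoded here
        return None
    return ipaddress.IPv4Address(value) if value < 2**32 else None

def ip_literal_links(body):
    """Return [(url, decoded_ip)] for each link in body whose host is an IP literal."""
    hits = []
    for url in URL_RE.findall(body):
        url = url.rstrip(".,)")                  # drop sentence punctuation stuck to the link
        try:
            host = urlsplit(url).hostname        # lower-cased, brackets and port removed
        except ValueError:                       # malformed bracketed host
            continue
        ip = host_as_ip(host) if host else None
        if ip is not None:
            hits.append((url, str(ip)))
    return hits

# Constructed messages modelled on the layout of the samples above.
SAMPLES = {
    "ecard-dotted": "Hi. Friend has sent you a greeting ecard.\n"
                    "http://192.0.2.44/?0123abcd\nAdministrator,\ncards.example",
    "ecard-integer": "See your card: http://3221225985/?0123abcd",
    "legit": "Your card is at https://cards.example/view?id=42.",
}

if __name__ == "__main__":
    for name, body in SAMPLES.items():
        print(name, ip_literal_links(body))
```

A hit is a signal to score or quarantine the message, not proof by itself; internal tooling and device admin pages also use IP links, so combine it with sender reputation before blocking.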