Jump to navigation
| Thursday, September 28, 2006 | |
This one would only come from a family member that really despises you:
"You have just received a virtual postcard from a family member!
You can pick up your postcard at the following web address:
http://www2.postcards.org/?a91-valets-cloud-31337"
This one would probably ruin your day.
This scam goes on to say:
"If you can't click on the web address above, you can also
visit 1001 Postcards at http://www.postcards.org/postcards/
and enter your pickup code, which is: a91-valets-cloud-mad
(Your postcard will be available for 60 days.)
Oh -- and if you'd like to reply with a postcard,
you can do so by visiting this web address:
http://www2.postcards.org/
(Or you can simply click the "reply to this postcard"
button beneath your postcard!)
We hope you enjoy your postcard, and if you do,
please take a moment to send a few yourself!
Regards,
1001 Postcards
http://www.postcards.org/postcards/ "
So what is the scam (or possible virus)? The link to pick up the postcards will take you to a site that will download a file named "postcard.exe" and it's not located at postcards.org either. Also notice that the pickup code of "a91-valets-cloud-mad" does not match the URL's code of "a91-valets-cloud-31337". This is another clue that someone's out to get you and it's probably not a family member. From my experience with these systems, the emails identify by name the person that sending you the postcard. Lesson, watch those links carefully!
P.S. neither of these pickup codes exists at Postcards.org
Posted on 09/28/06 at 08:47:19 by Jim Gray
Category: Scams
Comments
thank god there is people who understand these to find it was a scam things im only just learning , i nearly opened the post card the thought it was a bit funny , so typed the name in and found my self here ,
Again, like others have said before me
I opened it. But then had a warning from
windows XP asking and warning me not to
continue, of course I said no. Am I safe?
Thanks for the Heads up! I am getting a bunch of those "family Post Cards"
You saved me!
You have recieved A Hallmark E-Card. 5/25/2007
Same postcard.exe but with a new e-mail from Hallmark. Looks real nice, but still is a Trojan, Virus.
This has ben sent to an e-mail 2 times today in less than 3 hours. The e-mail account is only used for web postings like this so some how it was spiddered etc.
Leave a Comment
I just *stupidly* downloaded the postcard from a friend and my AVG caught it. I put it in the virus vault but what more should I do? Thanks for any and all advice! kari@susanparrtravel.com
Can someone clarify? Is this a trojan, a virus, attempt to get information, send someone a keylogger, or what? Is this a random thing like the ebay phishing scams?
Postcard.exe alive and kicking on 6th March 2007. Similar as 1st posting but obviously a virus (links do not match!)
Ok. So I'm a dummy and I got an email titled "Your pretty smile" with postcard.exe attached and I opened it. AVG immediately caught something and I deleted that but I still have it REALLY bad. It right away disabled Norton and AVG isn't catching it. It keeps popping up Windows Installer boxes and it has disabled several other programs... HELP!!!!!!!! e-mail me please!!! purplemusicbooks@yahoo.com
I carefully DIDN'T download and run the postcard.exe file (which comes with or without the spurious .gif "extension that isn't" depending on how it's sent!)
I did download it so I could examine it using the good ol' DOSSHELL file viewer, and found out it's a 32-bit Windows executable that has several text references to a "randfile" folder and its subfolders (which I assume it creates when run?).
In my case, the spurious viral file seems to have been illicitly added to a website called "Glamordance" (probably a real site...it seems to promote ballroom dancing, possibly in Spanish?)
which is where clicking on the phish-style phony link takes you.
Anybody know which virus the .exe actually puts on your computer if you're too uninformed not to run it?
Reach me at stevenc@interlinks.net
in case I don't re-visit...
...stevenc
I'm a little behind the times. I have had a postcard sitting in my inbox for awhile, from a "family member" and after I read this I went and checked it out. Of course it was what you are talking about here. Thank you so much for the info. It prevented me from opening and getting a virus. I originally did not open because it did not say what family member it was from.
Thanks....
Jim,
I can't thank you enough for reminding us of the everpresent dangers so readily available to the great masses of uninformed people trying to learn their way around the net. With many new people trying to "work from home" for the first time, good people such as yourself are a refreshing reminder that we are not alone. Thank you for the support and being there.
Howard Feight
I have received one of these emails and opened it without thinking and boom. Trojan Horse. Thank God for AVG.
Since then I have received a couple more and deleted them immediately.
Eskarla
Hi Jim,
Thank you for the update. Maybe you can help ....AVG had been telling me for the last 24 hr that a trojanhorse virus has struck called Java/Byteverify and PSW.Generic2.IGX. I have run AVG in Safe Mode and still there. I move it many times to the vault and delete it..it keeps coming any suggections?
Richard
Thank you for this important information. I will pass it on to others, as we all should do.
Debbie
Add Comments
|
