The holidays are here again, and with them come the yearly flood of electronic greeting card scams. As popular as eCards are with your brother Phil and your Aunt Lucy, they're even more popular with Internet fraudsters.
This year more than ever, the eCard you receive “might” be legit, or it “might” be an attempt to trick you into giving an attacker access to the information on your PC. The e-thieves' biggest targets are credit card numbers, bank account details and other information that could help them steal both your identity and your money. Worse, the eCards themselves can appear to come from legitimate sites or to have been sent by your actual friends and relatives. Telling the legitimate eCards apart from the scams can be very difficult, and guessing incorrectly can cause real problems.
So what can you do to help protect yourself (and the Lab) from this type of attack? The most effective thing is simply to avoid viewing the eCard, at least until you have verified that it was sent by someone you know. If you receive an email asking you to “click here to pick up your eCard,” don't do it. If you do not recognize the sender's address, simply delete the email. It's almost certainly a scam. If you do recognize the sender, send them an email and ask if they really did send the eCard. If so, it's probably safe to read the eCard. If they tell you that they did not send the card, simply delete the message and bask in the knowledge that you've helped maintain the Lab's cybersecurity and protected your personal information.
If you'd like to do some additional reading on the subject, here are a few good URLs to start with:
Submitted: Monday, December 18, 2006 - 2:00pm