Iowa State University

ITInformation Technology

Greeting Card & Patch Scam - Don't Click that Link!

This news item expired August 1, 2007. It may contain out-of-date information.
You should double-check who sent that email greeting card before you click on the link. A new scam is notifying the receiver that, "You've received a postcard from a family member!" (or some variation).

When the receiver clicks on the malicious link in the email, the website exploits the web browser and compromises your system. Sometimes an additional link is provided that might read something like, "We are currently testing a new browser feature. If you are not able to view this ecard, please click here (/ecard.exe) to view in its original format." When the link is activated, malware is downloaded compromising your computer.

Another recent scam informs the receiver, "Our robot has detected an abnormal activity from your IP adress on sending e-mails. Probably it is connected with the last epidemic of a worm which does not have official patches at the moment. We recommend you to install this patch to remove worm files and stop email sending, otherwise your account will be blocked." The patch is not from any Support Team and will only download malware.

Both scams are capable of causing significant damage to an individual's system. Users are encouraged to exercise caution when clicking on links within emails from unknown users. Legitimate anti-virus software packages do not prompt users to update via emailed links, but up-to-date anti-virus software will flag some of the malware being downloaded. Make sure that your anti-virus software is current. If you receive a greeting card scam email or the patch scam email, delete it immediately.

If you believe your system has been comprised or if you have questions about these latest scams, contact your departmental IT support or the IT Services Solution Center at 515-294-4000.