Beware of fake greeting cards
"It is just the latest trick for attackers to get users to install malicious software on their machines," said Zulfikar Ramzana, a Senior Principal Researcher in the Advanced Threat Research Group at Symantec.
"This is one of the worst attacks we've seen in years," said Adam Swidler, a senior manager with the Internet security company Postini. "The bottom line here is if you get a note saying you have an e-greeting card and to click a link to open it... whatever you do, don't."
According to Mike Wendland, of The Detroit Free Press's Online edition named Freep, "Instead of a greeting, the link leads to what is known as the Storm Worm, a powerful snippet of code that installs on the unsuspecting user's computer and then begins to send out spam to everyone on the user's contact list."
According to Washington Post technology writer Brian Krebs, "Previous e-greeting card scams harbored their viral payload in an infected e-mail attachment, but fraudsters now are simply embedding links in the fake card messages."
Krebs said, "The nasty greeting cards have been traced back to tens of thousands of machines infected with the Storm Worm, without a doubt, 2007's most prolific and successful e-mail worm. Storm and its flurry of poisoned e-greeting cards are responsible for one of the biggest virus outbreaks in recent history."
Krebs said, "Microsoft Windows users would be well-advised to simply delete any e-greeting cards that land in their inboxes."