Happy Easter! Are you really blessed? Spammers always have favorite holidays. And while they couldn’t join your family for an egg hunt this year, they didn’t forget to send their greetings during Easter week. During the past week we observed fraudulent e-card notifications spoofing a well known Internet e-card service site.The message contains legitimate From: and Subject: lines, along with a heart-warming Easter message to make up the body content. Spammers used a legitimate-looking pick up notification hyperlink to lure the recipient to click it. However, a PHP URL is embedded into HTML, which actually links users to another URL where malicious code may be downloaded onto their system.This is a typical spam tactic, but recipients should still be aware of it during this post-holiday season, since the scam still exists. We urge recipients to be aware of this type of greeting to avoid vicious attacks. Most importantly, do not open emails with suspicious PHP or executable files.Embedded URL:hxxp://easter.wow[removed].com/view.php
hxxp://[removed].com/[removed]/e-card.gif.exe
Sample message: