Fake e-card pickup notices are typically used to deliver malware; however, in the past several weeks Symantec has noticed a series of online pharmacy attacks employing the same strategy. To pick up an e-card, the recipient must click on a link in the message. These links take you to the e-card site and display your card. As with an e-card malware attack, the spammer has replaced this link with one of their cleverly crafted URL traps. The observed messages appear as if they were sent from some of the more well known online greeting card service providers. However, unlike any legitimate e-card pickup notices, the link will redirect you to an online pharmacy site selling their wares at discount prices. Here is what the message looks like in an inbox: A legitimate e-card collection notice will usually provide the name or email address of the sender in the subject line and in the message body. If there is no identification info presented in the message, please delete the message without clicking on the link to prevent contact with security risks.