Myth Blaster: Postcard Virus Alert


Diane S., Wisconsin sent an inquiry about email concerning a virus, as follows:

A new virus has just been discovered that has been classified by Microsoft as the most destructive ever. This virus was discovered yesterday afternoon by McAfee. This virus simply destroys Sector Zero from the hard disk, where vital information for its functioning are stored. This virus acts in the following manner:
“You’ve received a Post Card from a Family member”.
As soon as the supposed virtual card is opened the computer freezes so that the use has to reboot. When the ctrl + alt +
del keys or the reset button are pressed, the virus destroys Sector Zero, thus permanently destroying the hard disk. Yesterday in just a few hours this virus caused panic in New York, according to news broadcast by CNN. This alert was received by an employee of Microsoft …
So don’t open any mails with subject” “A Post Card from:. As soon as you get the mail, delete it! Even if you know the sender!

Myth Blaster Verdict: It is a real virus; however the postcard scenario is a HOAX.

Urban Legends provides a copy of the email and also shows alternate subject line messages used and its variations.

Subject: You’ve received a postcard from a family member!
Good day.
Your family member has sent you an ecard from notme.hk.
Send free ecards from notme.hk with your choice of colors, words and music.
Your ecard will be available with us for the next 30 days. If you wish to keep the ecard longer, you may save it on your computer or take a print.
To view your ecard, choose from any of the following options:
——-

OPTION 1
————-

Copy & paste the ecard number in the “View Your Card” box at http://notme.hk/
Your ecard number is 6e47840d8e117868911e6c3
Best wishes,
Postmaster,
notme.hk
* If you would like to send someone an ecard, you can do so at http://notme.hk/

Urban Legends (Snopes) writes:

Many web sites offer a service that allows a user to send a customized “greeting card” (or “postcard”) to a relative, friend, or acquaintance, delivered as an e-mail message containing a hyperlink which the recipient follows to visit the originating site and view the card. Sending out phony e-card notifications is therefore an effective method of camouflaging viruses and inducing unwitting recipients into clicking on links that install malicious programs onto their computers.
A wave of malicious messages (like the one reproduced above) sent out in June 2007 employed that very technique, arriving in inboxes bearing subject lines … The message contains URLs that recipients are supposed to visit to retrieve their e-cards, but those URLs actually point to servers hosting a variety of malware (including a variant of the Storm Trojan, “an aggressive piece of malware that has been hijacking computers to serve as attacker bots’ since early 2007) that is furtively installed on victims’ PCs. (Generally, only unpatched Windows-based systems are vulnerable).
Since many of these malicious messages imitate notifications from legitimate e-card sites, recipients should get into the habit of never clicking on links contained within e-card notification e-mails. Instead, go directly to the web site of the card company, find the card pickup page within that site, and enter the ID code included in the e-mail. (If the message was a fake, the worst that will happen is that you won’t get a card.)
NOTE: Readers should take particular care not to confuse the real postcard/greeting card virus with the “Virtual Card for You” hoax that has been circulating for several years. Some of the “Postcard” warnings contribute to this confusion by including within them a link to http”//www.snopes.com/computer/virus/virtualcard.asp , our article about the “Virtual Card for You” hoax. They’re not the same thing, despite some e-mail warnings that erroneously present them as such.

Editor’s Note – treat anything with suspicious subject lines such as described above and treat it as malicious email and/or links to malicious web pages.
SOURCES:
Advertisements