Physics 3333 / e-cards from "family"


Another Scam Coming Around Again

Another scam e-mail has been landing in Prof. Cotton's inbox. Take a close look at one.

How nice - an e-card from someone

Look at it carefully. Notice that nowhere does it use Prof. Cotton's name. It is completely generic. The return address is forged. The web address is not immediately recognizable - it is in the form of an IP address.

So what is the deal??? If you should do as requested and actually visit that web site, it will install a malicious trojan or virus on your computer. It may try to add your PC to a spamming botnet. If you have full virus protection, your defender will likely catch it. By the way, the "xxxx" in the target URL was "http"; we killed that to prevent virus detection.

Now look at it with all header and spam detector information displayed.

The whole story

Search down and find the "Received from" entry. That is certainly not Postcard.com.

What to Do With It?

If the e-card announcement message does NOT have your name, but rather contains a generic reference (family member, classmate, etc.), delete it. Do NOT click on the link or do anything else it asks you to. If the "from" address looks like that of someone you know, send THEM a message asking if the e-card is real.

If you can, display the full header information. Find the "Received from" information and inspect it. That will give you a clue.

Thoughts

It's unfortunate that scammers will spoof anything and everything in the attempt to hook you. There's no such thing as being TOO careful.