December 30, 2009
Blue Mountain e-Card Malware Scam
Submitted By Kevin Wilson
Email security experts at Red Condor have issued a warning about a new e-Card spam campaign that appears to come from American Greetings' BlueMountain.com. The email, with the subject line "You received a Blue Mountain e-Card!", suggests that users "need to install the Macromedia Flash Plug-in" to see the "complete version" of the e-Card. The entire body of the email, which includes the header and footer of a legitimate Blue Mountain e-Card, is an executable. Clicking on any part of the message launches a browser window and, depending on the user's browser security settings, may download a virus automatically with only a single click. Red Condor discovered that the spam is being distributed by a botnet and has been aggressively targeting Internet Service Providers. The virus has also been identified as a banking Trojan.
"E-card scams are fairly common around the holidays, but there is a reason that spammers continue to return to their old tricks," said Dr. Tom Steding, president and CEO of Red Condor. "People like e-cards and trust sites like BlueMountain.com. However, as we have seen in the prevalence of social media spam throughout this year, people need to be guarded about what they click on in their emails. Even though the email may appear legitimate, people should look for subtle things like spelling and grammar errors or if the embedded link will send them to some random web site."
The virus was detected by Red Condor's proprietary New Domain Detector (NDD) and Spam Trigger (formerly Spam Trip Wire) technologies. Both of these techniques identify spam and virus campaigns before they penetrate users' networks. Once identified, the campaigns are quarantined and reviewed as rules are written and automatically distributed to Red Condor's appliance and Hosted Service customers. The NDD monitors all URLs in all messages sent through all exchangers. Red Condor is revolutionizing spam fighting with its next generation technology. For more information, visit www.redcondor.com.
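The link check described above (does the embedded link really go to BlueMountain.com, and does it fetch an executable?) can be automated at a mail gateway. The following is an added example, not Red Condor's code; the sample message, the `example.net` host, the file name and the extension list are constructed assumptions.

```python
from email import message_from_string
from html.parser import HTMLParser
from urllib.parse import urlsplit

CLAIMED_BRAND = "bluemountain.com"        # brand the e-mail claims to come from
EXECUTABLE_EXT = (".exe", ".scr", ".pif")  # assumption: extensions treated as executable

# Constructed sample: the whole card body is wrapped in one off-brand link.
SAMPLE = """\
From: "Blue Mountain" <ecards@bluemountain.com>
Subject: You received a Blue Mountain e-Card!
Content-Type: text/html; charset="utf-8"

<html><body><a href="http://example.net/flash/install_flash.exe">
<img src="http://example.net/img/header.gif">
<p>You need to install the Macromedia Flash Plug-in.</p></a>
<a href="http://www.bluemountain.com/privacy">Privacy</a>
</body></html>
"""

class LinkCollector(HTMLParser):
    # Collects the href of every <a> tag in an HTML body.
    def __init__(self):
        super().__init__()
        self.links = []
    def handle_starttag(self, tag, attrs):
        if tag == "a" and dict(attrs).get("href"):
            self.links.append(dict(attrs)["href"])

def host_in_domain(host, domain):
    # Exact match or true subdomain; "bluemountain.com.example.net" must fail.
    host = (host or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def audit_ecard(raw, brand=CLAIMED_BRAND):
    """Return [(href, [reasons])] for links that leave the claimed brand's
    domain or point at an executable file."""
    findings = []
    for part in message_from_string(raw).walk():
        if part.get_content_type() != "text/html":
            continue
        charset = part.get_content_charset() or "utf-8"
        parser = LinkCollector()
        parser.feed(part.get_payload(decode=True).decode(charset, "replace"))
        for href in parser.links:
            url = urlsplit(href)
            checks = [("off-brand host", not host_in_domain(url.hostname, brand)),
                      ("executable download", url.path.lower().endswith(EXECUTABLE_EXT))]
            reasons = [name for name, hit in checks if hit]
            if reasons:
                findings.append((href, reasons))
    return findings
```
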