E-Greetings from hell by Chris Crawford
NOTE: This is a modified version of a blog (web log) entry that Chris posted November 24 on TSblogs.com
I extend my best wishes for a warm, calm and delicious holiday, and I hope that you and your family enjoy the many bounties that we have. Since it "tis the season," you're likely to receive electronic greetings in addition to the US mail variety ... but a little word to the wise about electronic greeting cards is in order. The short answer is "if in doubt, DON'T OPEN IT."
Don't be so quick to click ... look for a few telltale signs of danger. For instance, legitimate e-cards: * come from the sender's email address, or at least names the sender in the email. * come from a reputable source (Blue Mountain, etc). However, evil e-cards that carry viruses: * don't name who they are coming from, and just say "from a friend," or "from a family member." * come from screwy, unfamiliar "companies," such as Friendgreetings, Friendcards, Cooldownloads, or Laughmail. Some of these rats actually send fake emails that look like they are coming from legitimate e-card vendors such as All-yours.net (www.all-yours.net). It is important that before you assume it's real, run your cursor over the "link" that is supposed to lead to your e-card. DON'T CLICK, but just read the address that appears at the bottom of your browser. If is says anything except what the text reads, they are trying to fool you into going somewhere else. If the address they are trying to send you to ends in an EXE, delete the email as fast as you can. EXE is executable code that will launch a virus or other malicious code. Some of these e-creeps are even smarter ... they say to click on the link, but the link is not "live." The instructions say if the link doesn't work, copy the Web address, paste it into your browser and when you arrive enter some innocuous sounding phrase like "CLOUDS-IN-THE-SKY," which then leads to a malicious download. Here are a few links to sites to help you identify malicious E-cards: MacAfee ( http://dispatch.mcafee.com/esecuritynews/nov2002/news_ecards.asp ), the anti-virus software provider Hoax Slayer (http://www.hoax-slayer.com/all-yours.net-fake.shtml ), a good reference site to spot hoaxes. Ball State University ( http://www.bsu.edu/security/article/0,1384,86674-5031-36503,00.html ) warning to students What's even sadder is that in 1999, hoaxes started circulating that legitimate e-card vendors such as Hallmark and Blue Mountain carried hidden viruses. These companies spend considerable resources trying to build public confidence in the safety of their products. Now, these companies appear to be the only safe ones from which to send or receive e-cards. It is the season of Peace on Earth, Good Will to Men ... only not everyone will be sending you their good will. Armed with a few tips, you can enjoy electronic greeting cards to go along with your paper cards. Just trust but verify before automatically opening ANY e-card. To learn more about safe computing, become active in the Redwood Technology Consortium. The RTC is our local tech gift to the North Coast. Merry Christmas everyone !!! Crawford is president of Justice Served, a court management and technology consulting firm working with courts and justice agencies worldwide. Locally, he serves on the boards of directors for Humboldt #1 Fire Protection District (www.hfd1.org), the Eureka Chamber of Commerce (www.eurekachamber.com), and the Humboldt Business Council (www.humboldtbiz.org), and is an active member of the Redwood Technology Consortium (www.redwoodtech.org).
There are some legitimate e-greeting card sources out there such as Blue Mountain ( www.bluemountain.com), Hallmark (www.hallmark.com), Yahoo Greetings (www.yahoo.americangreetings.com) and others. Increasingly, friend and relatives choose these virtual cards to commemorate birthdays, holidays, etc, so we're getting used to receiving and opening them