Thursday, November 29, 2007

American Greetings draws a line in the sand against ecard scams!

Recently, we've seen electronic greeting cards (ecards) loaded with malicious software sent out by the millions in spam e-mails. For the person who accidentally opens one up, the end result is (probably) an unfortunate experience of one kind or another.

With the holidays upon us and spam levels increasing, we will more than likely see another rash of ecard spam (scams).

The unfortunate experiences range from having your system turned into a zombie (part of a botnet to send out more spam e-mails) to having all your personal details recorded with keylogging software and sent to scammers, who use it to make you an identity theft statistic.

Of course, people are also often tricked into giving up their details via social engineering techniques.

Symantec recently issued findings that 71 percent of all e-mails are spam. Breaking it down further, spam is the preferred vehicle to further fraud, phishing and financial misdeeds on the Internet.

Going back to the ecard scam phenomenon, a warm wish from someone is a pretty sneaky form of social engineering (deception) designed to trick someone into downloading something onto their system that they shouldn't have.

In response to this, American Greetings recently launched a campaign to educate the common person on how to tell if the greeting they receive is from a friend or a foe.

Here are some information bytes from their new page about what they have done to stop ecard scams:

AmericanGreetings.com has changed the format of all ecard notification emails sent to ecard recipients. Now legitimate ecard notification emails from us will have all of the following attributes:

The "from" will always show "Ecard from AmericanGreetings.com" as the display name and ecards@americangreetings.com as the email address. Make sure you check both the display name and email address of the email.

It should appear as the following: "Ecard from AmericanGreetings.com"

The subject line will always include the name of the individual sending the ecard. Make sure you recognize the individual in the subject line before clicking on any links. It should appear as the following: "John Smith has sent you an ecard from AmericanGreetings.com" ("John Smith" is the individual sending the ecard to you).

The email message will include the name and email address of the sender. Make sure you recognize the individual in the email message before clicking on any links.

We have made it easier to find the ecard pickup area on our site, so you can quickly and safely view your greeting without clicking on any email links. On AmericanGreetings.com, it is now located in the upper right-hand corner of the homepage (americangreetings.com).

They also offer some sage advice on how to avoid becoming a victim:

First and foremost, if there is any suspicion that you have received a fraudulent ecard email, do not click on any link.

If you have any doubt who the email is from, manually type in www.americangreetings.com after the http:// found in your Internet browser.

Then find the ecard pickup link (ours is found in the upper right-hand corner of our homepage: www.americangreetings.com) to safely view your ecard.

Last, but not least, some pretty useful information on ecard scams in general:

A wide variety of websites and brands have been affected. While the subject line of the malicious ecard email tends to be generic, such as "You've received an ecard from a class-mate!" or "You've received a postcard from a family member," more recent examples include brand-specific messaging such as "Worshipper sent you a postcard from americangreetings.com." Also, the pickup link within a malicious ecard email is most likely always an IP address, such as 127.0.0.1, which is much different than the typically used pickup link from a legitimate ecard sender that starts off with the host name (e.g., americangreetings.com) and not a series of numbers. As of August 23rd, we have started observing fake emails where the link shows a host name (e.g., http://www.americangreetings.com) but the actual link goes to an IP address instead of americangreetings.com. To see if there is an IP address associated with the link, hover over it with your cursor. If you see a URL when hovering over the link that has a series of numbers, such as http://89.678.999.12, it is not a legitimate link and you should not click on it.

If you are interested in viewing the rest of this resource before you open an ecard, the page on their site can be seen here.

Of note, they have some pretty good visual demonstrations that can be seen on the page.
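
The checks American Greetings describes above (display name and address, links whose host is a series of numbers, visible link text that differs from the real target) can be automated. The following is an added example, not code from American Greetings or this blog; it assumes a single-part HTML message body, and the sample message and label names are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Sender values the page quotes for legitimate notifications.
NAME, ADDR = "Ecard from AmericanGreetings.com", "ecards@americangreetings.com"
HOST = "americangreetings.com"

class Links(HTMLParser):  # collects (href, visible text) for each <a> element
    def __init__(self):
        super().__init__()
        self.found, self.href, self.text = [], None, ""
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.href, self.text = dict(attrs).get("href") or "", ""
    def handle_data(self, data):
        if self.href is not None:
            self.text += data
    def handle_endtag(self, tag):
        if tag == "a" and self.href is not None:
            self.found.append((self.href, self.text.strip()))
            self.href = None

def host_of(url):
    return (urlsplit(url).hostname or "").lower()

def check_ecard(raw):
    """Return the list of warning signs found in a raw notification email."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    signs = []
    if name != NAME or addr.lower() != ADDR:
        signs.append("from-mismatch")
    parser = Links()
    parser.feed(msg.get_payload())
    for href, text in parser.found:
        host = host_of(href)
        if re.fullmatch(r"[0-9.]+", host):         # host is a series of numbers
            signs.append("ip-link")
        elif host != HOST and not host.endswith("." + HOST):
            signs.append("foreign-host")
        shown = host_of(text) if "://" in text else ""
        if shown and shown != host:                # what you see on hover differs
            signs.append("text-href-mismatch")
    return signs

# Constructed sample: correct From, but the link text hides a numeric host.
FAKE = ('From: "Ecard from AmericanGreetings.com" <ecards@americangreetings.com>\n\n'
        '<a href="http://192.0.2.10/pickup">http://www.americangreetings.com</a>')
```

The From header is trivially forged, so passing that check alone says little; the link checks are the stronger signal.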

3 comments:

dj said...

These folks are one of many that offer the "free trial scam". They bill your credit card annually, forever, unless you cancel. The catch is that there is no place to cancel on their web-site and no phone number to call.

Anonymous said...

DITTO, I emailed them and erased my account information a month ago, but they just sent me an email saying they will renew and use the account information that was used previously. FRAUD ALERT.
* IT'S TIME FOR A CLASS ACTION LAWSUIT, LET'S GET ONE GOING *

"We know you appreciate what a time-saving, affordable and fun way it is to stay in touch with friends and family using AmericanGreetings.com. That's why we've made it easy for you to renew your eCards membership.

In fact, it's so easy, you don't have to do anything!

Your current eCards membership will renew on 01/04/2009 17:48. To ensure uninterrupted service, we'll simply use the payment method we have on file for the $15.99 due, unless we hear from you. That means another whole year of access to one of the most elaborate collections of creative greetings available online...without lifting a finger!

And the best part is...you won't have to worry about missing a single birthday, anniversary, holiday, or any other occasion - big or small.

If you have any questions, please visit our Help pages
...but please don't reply to this email because we won't receive your response.

For your records, here is a copy of the Terms of Sale.

If you do not wish to continue your membership, instructions on how to cancel can be found in our Help pages. Go to http://www.americangreetings.com/help/index.pd, sign in, and click on 'All About my Paid Membership'. Please be sure to reference your membership ID #:123456789.

We know that your loved ones appreciate your kindness and thoughtfulness, and we're happy to be here for you, 24/7. Why not share the excitement and send a greeting right now? Go to: http://www.americangreetings.com

Your Friends at AmericanGreetings.com
"


A Class action lawsuit is the only way these companies learn and with all the negative TV news reports on the lawsuit they will be forced to provide a means of cancellation and stop their negligent work habits.

Anonymous said...

Support Center at 1-800-711-4474 between the hours of 8:00 a.m. and 8:00 p.m. EST Customer Monday through Friday, or between 8:00 a.m. and 4:00 p.m. on Saturdays.

hidden deep inside their files. Also, they have cancel links to cancel which goes to FAKE web sites that are not them.