With Valentine's Day upon us, you may be receiving so-called "e-cards" in your email inbox. Some may come from anonymous senders or secret admirers. They might appeal to your curiosity and cause you to click on a link, claiming that the e-card is from a family member, friend, or other unnamed person.
Watch out! Scammers have jumped on the popularity of e-cards, viewing them as an opportunity to infect your computer with malicious software (malware).
Although there are variations in the message and attached malware, generally the email directs the recipient to click on a link provided to view the e-card. Upon clicking the link, the recipient may be taken to a malicious web site.
A legitimate e-card notification will always include the full name or personal email address of the sender. The sender will never be identified by a generic term such as a "friend" or "secret admirer". Unless you recognize the full name or personal email address of the sender, the email is likely to be fraudulent, and you should delete the message. For greater security, we suggest that if you do receive an e-card from someone that you know, you can email them and ask if they sent it before you click on any links in the message.
Some scammers may use the names of legitimate e-card companies. However, the link in the email may lead to a web site where malware is downloaded and installed on your computer. This malware can potentially give the hackers unlimited access to your computer. With such access, they may view your keystrokes, steal your passwords, or generate spam.
Here are some additional tips from the FBI that you can use to avoid becoming a victim of internet fraud:
- Do not respond to unsolicited (spam) email.
- Do not click on links contained within an unsolicited email.
- Be cautious of email claiming to contain pictures in attached files, as the files may contain viruses. Only open attachments from known senders.
- Avoid filling out forms in email messages that ask for personal information.
- Always compare the link in the email to the link that you are actually directed to.
- Log on to the official web site, instead of "linking" to it from an unsolicited email.
- Contact the actual business that supposedly sent the e-mail to verify if the email is genuine.
So this Valentine's Day, don’t allow a scammer to infect your computer with a "love bug" (that’s the name of an actual worm or virus that caused billions of dollars in damage to computers worldwide).