There’s a war on Thanksgiving and Christmas, but it’s taking a very different form than what commonly gets reported in the news media.
This war is being waged by hackers and scammers, and they’re waging it by poisoning Holiday eCards designed to facilitate the distribution of malware.
BleepingComputer discovered the trend, noting an uptick of emails bearing headings like “You Have Received a Thanksgiving Day Greeting Card!”
Inside these emails, recipients find a word file bearing titles like “Thanksgiving-eCard.doc,” with the body of the email providing helpful instructions.
All the user must do to see their eCard is open the doc and click the enable content button. Of course, doing so doesn’t display an eCard at all, but rather, installs whatever malware the email sender has decided to embed.
The Holidays are a time when everybody tends to let down their guard. After all, who doesn’t enjoy getting fun, festive cards? That’s exactly what the hackers are relying on. It’s a clever bit of social engineering that has been finding success, which is only encouraging the hackers to employ the strategy even more.
Even if you haven’t received an email like this, you likely know someone who has. Spread the word so more people are aware of the threat. It’s such a shame that things like this are a reality that dampens the spirit of the season, but that’s the reality. The more people we can alert to the dangers, the smaller the impact will be.
Stay on your guard, let all your employees know, and keep a watchful eye out. As ever, the best defense is vigilance. Don’t open emails from people you don’t know, and certainly don’t open any attachments that may be embedded in those emails. That’s the key to having a hassle-free Holiday season this year.