September 23, 2009, 12:06 PM — Everyone likes getting cards. I'd prefer paper-cards to an e-card, but hey, I'm not choosy. Any card is still a sign that someone's thinking well of me. Except, of course, when it's not really from a friend, but a soul-less bot trying to infect my computer with the latest malware.
In particular, it seems like a day doesn't go by that I get a Hallmark e-card in my e-mail, and every last one of them has been spam message bearing malware or an attempt to get me to link to a malicious Website. I'm not the only one.
A quick look over the Web showed me that Hallmark malware spam seems to come in waves. And, yes, we're getting another tidal wave of them now. As the holiday season approaches, I'm sure we'll only see more of them.
As it happens, Hallmark does sell real e-cards, so you can't just delete every e-mail that comes along that proclaims it's a Hallmark card. Fortunately, there are ways to tell the real cards from the bad ones.
Hallmark's own list of how to tell if an e-card has really been sent to you by a friend is a good start. Hallmark's list includes:
1. Hallmark e-card e-mails do not include any attachments. To be safe, if you receive an e-card notification with an attachment delete it immediately then empty your "trash" or "deleted e-mails" from your email client.
2. A legitimate Hallmark e-mail notification will come from the sender's e-mail address, not Hallmark.com.
3. The sender's first name and last name will appear in the subject line. If you do not recognize the name of the person sending the E-Card, do not click on any links in the e-mail. Delete the e-mail.
4. The notification will include a link to the E-Card on Hallmark.com as well as a URL that can be pasted into a browser.
5. The URL will begin with http://hallmark.com/ followed by characters that identify the individual E-Card.
6. Hallmark E-Cards are not downloaded and they are not .exe files.
7. In addition, Hallmark.com will never require an E-Card recipient to enter a user name or password nor any other personal information to retrieve an E-Card.
To these, I'll add those old basics of never opening e-mail from a stranger and never, ever open attachments or click links from people or groups you don't know. Sure, it might really be from someone you want to hear from but the odds are orders of magnitude higher that it's from a spammer.
It would be nice if we could trust our e-mail, but sadly, when it comes to e-mail in 2009, paranoia is the best approach.