Oh brother, don’t tell me you fell for that one! All capital letters, lots of exclamation marks, the classic signs of bad news. Yeah, Halloween is around the corner and it is about time for the fake e-cards to make their rounds and the emails with links to “videos” that are not really videos at all. This happens every year.
If you receive an email purporting to be an e-card make sure it is addressed to you specifically. Make sure the email comes from someone you know. You will not get a legitimate e-card from “a friend”, “a family member”, “an admirer”, or anyone else not explicitly stated by name. Next make sure the link to the e-card points to a legitimate e-greeting site. If you don’t know then either don’t click on the link or do some research.
The next attack will be the fake video. This is the scariest, the grossest, the funniest, the freakiest… “Hey check this out” and so on. In most cases these links will either tell you that you need a video codec or start a fake scan and tell you that your computer is infected, or both.
You effectively never need a new codec, it is virtually always a scam designed to install malicious software on your computer. If you need a new codec than download the current version of your media application and it will have the appropriate codec 99.999999% of the time.
The twist this year is the malicious emails, tweets, instant messages, and social networking site messages that come from someone you know. A lot of webmail accounts and social network accounts have been hijacked in recent times. This means that the message will come from the account of someone you know, but they won’t really be the ones who send it. If you receive a link to an e-card, a video, a song, whatever, from someone you know via Hotmail, Gmail, Yahoo mail, any web mail, or from IM or social networking sites, talk to your friend before you click on the link. Make sure it really is the person you know who deliberately sent the link and not an imposter who hijacked their account.
Watch out for Twitter this Halloween. I will be shocked if Twitter is not used extensively to send links to malicious websites. The medium is perfect for this type of abuse and the extensive use of obfuscated URLS makes it so easy to hide the malicious links.
Finally, before you click on anything make sure your operating system is fully patched and your antivirus is current. For Windows go to http://update.microsoft.com, even if you have automatic updates turned on it is a good idea to periodically check and make sure it is working. Automation breaks. But you are not done yet for home users your next stop is either http://secunia.com/vulnerability_scanning/online/ or the more thorough http://secunia.com/vulnerability_scanning/personal/ to make sure all of your other applications are fully patched. Yes, some of the websites the links point you to will infect your PC when you simply visit the site if you are not patched.
Have a safe Halloween and don’t take candy, e-cards, videos, or tweets from strangers.
Director of Technical Education
Author ESET Research, ESET