—-Updated: 16 Aug 07—-
Recent e-greeting card scams have started to change its “form”. The email address of the sender is no longer from those “e-greeting” websites, but any random email address. The link may also be an IP address only. A typical one looks like the attached mail below. They have also introduced more fake website names such as googlygreetings.com, 1lovecards.com, funnygreetings.net, etc.

From: gaohaf@fina.hr [mailto:gaohaf@fina.hr]
Sent: Thursday, August 16, 2007
Subject: Musical card mail

Son(gaohaf@fina.hr) has created Musical card for you mail
at googlygreetings.com.

To see your custom Musical card, simply click on the following link:

Send a FREE greeting card from googlygreetings.com whenever you want by visiting us at:
This service is provided and hosted by googlygreetings.com.
—–End Attached—–

—-Updated: 6 Aug 07—-

We have updated the list of subjects and domains used in the ongoing,
online greeting card, postcard scam that is sent via email. They will
contain the following link that is harmful:

Beware of malware, virus, trojans that will result in crash PC, lost
identity, lost login information, that will cause indirect destruction
of your bank account. Such mails are no less harmful than those requiring you to download a “patch” or software that contains the bad codes.

Just a side track: You might not believe how easy it is for someone to plant the malware or virus on your PC, especially when it is Naked without any anti-virus software. During my training in the Certified Ethical Hacker course, we were shown a site owned by one of our senior trainer. There was a title saying “Click to see the naked pictures of <a celebrity>”. That ONE click alone will be enough to install any germs, malware and virus on your site.

One thing we must always keep in mind is to respect hackers. By respecting, what I mean is that everything we do online, keep them in mind because sometimes a wrong move at the wrong time when we are least alert will be enough. Its just like locking your house door and windows. If you own a castle, all it takes is just ONE unlock window among the 100s of windows for the uninvited to enter.

You see, the Security personnel are always looking for this ONE window to patch up. Whereas, the Hacker is always looking for ONE window that is opened for them to enter. Everyday, the race to find that “window” first has never stopped.

And when hackers send you email to install “patch” or click on the “link”, they are basically telling you:
“Hey, please open up THIS window for me.” He knows exactly which window will be opened once you have taken the bait.

Remember the part we always say in many of our post and our Anti-Scam guide? Hackers and scammers do not expect to catch a full load of victims, just a few of you (or even ONE) per day who breaks the rule is “good” enough. That isn’t too difficult when they send mass mails in the thousands every week or month. We don’t expect everyone to be equal.

Ok, back to the greeting card scam. The following domains have been used in very recent e-greeting or postcard scams. Watch out!

And “fake” domains used include (and not limited to):








We did not check but believe that some of the sites above are legitimate, and Not those emails that you received.

They often have a Subject: (not limited to these)
“You’ve received a greeting ecard from a Colleague!”
“You’ve received a greeting ecard from a Class-Mate!”
“You’ve received a greeting ecard from a Family Member!”
“You’ve received a greeting ecard from a Mate!”
“You’ve received a greeting ecard from a Neighbor!”
“You’ve received a greeting ecard from a Neighbour!”
“You’ve received a greeting ecard from a Partner!”
“You’ve received a greeting ecard from a School-Mate!”
“You’ve received a greeting ecard from a School friend!”
“You’ve received a greeting ecard from a Worshipper!”