Malware Spreading via Malicious Ecard

US-CERT is aware of public reports of malware spreading via malicious Christmas and New Year's Ecards. The reports indicate that the malware is spreading via emails containing a link to the malicious Ecards. If a user clicks the links found within the Ecard they will be prompted to download an executable. If users accept the executable, malware may be downloaded and installed onto their system.

US-CERT encourages users and administrators to take the following preventive measures to help mitigate the security risks:

• Install anti-virus software, and keep its virus signature files up-to-date.
• Do not follow unsolicited web links received in email messages.
• Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
• Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.
  

Read more: US-CERT Current Activity