I just spent 5 hours of my life fighting this one off around here.. FYI.. Do not click on the link contained in the email if you get it!
McAfee has received a number of reports, which cite mass-mailing behavior from friendlygreetings.com E-cards. AVERT has examined samples of the messages and our findings are as follows:
1) When users access the URL, in the E-card, an installer program is
downloaded locally
2) When the installer program is run, an End User License Agreement
is presented. The EULA states that it will send an email to all
the users contacts. When users accept this EULA, the email
is sent.
3) This is not a worm, virus, or exploitation.
McAfee is building gateway-only detection, for this program, into the DATs.
Only the gateway-scanning products (Webshield SMTP, ePPliances) will
detect this non-viral program.
A VIL description has been posted at the following URL:
http://vil.nai.com/vil/content/v_99760.htm
McAfee has received a number of reports, which cite mass-mailing behavior from friendlygreetings.com E-cards. AVERT has examined samples of the messages and our findings are as follows:
1) When users access the URL, in the E-card, an installer program is
downloaded locally
2) When the installer program is run, an End User License Agreement
is presented. The EULA states that it will send an email to all
the users contacts. When users accept this EULA, the email
is sent.
3) This is not a worm, virus, or exploitation.
McAfee is building gateway-only detection, for this program, into the DATs.
Only the gateway-scanning products (Webshield SMTP, ePPliances) will
detect this non-viral program.
A VIL description has been posted at the following URL:
http://vil.nai.com/vil/content/v_99760.htm
Facebook
Twitter