Thursday, November 18, 2010

Reality and Analysis of Hoax Mail Containing Destructive Virus - - Email With an Attachment Entitled "POSTCARD" or "POSTCARD FROM HALLMARK"

Beware! Its a Cyber World - - Summary:


A widely spread warning message claims that an email with an attachment entitled "POSTCARD" or "POSTCARD FROM HALLMARK" will destroy the hard drive of the infected computer and has been classified as the most destructive virus ever.

In fact, this warning is a hoax but is causing confusion because it includes a link to information about a genuine but totally unrelated virus. Before going through the detailed Analysis below for further information; presented here the actual contents of the mail:

===============================================
Subject: Fw: HUGE VIRUS COMING ! PLEASE READ & FORWARD !

VERY IMPORTANT - BIG VIRUS COMING !!! PLEASE READ & FORWARD !!!

http://www.snopes.com/computer/virus/postcard.asp -
(Snopes lists all the names it could come in. )

Hi All,

I checked with Norton Anti-Virus, and they are gearing up for this virus! I checked Snopes (URL above:), and it is for real!!

Get this E-mail message sent around to your contacts ASAP.

PLEASE FORWARD THIS WARNING AMONG FRIENDS, FAMILY AND CONTACTS!

You should be alert during the next few days.
Do not open any message with an attachment entitled 'POSTCARD FROM HALLMARK,'
regardless of who sent it to you.

It is a virus which opens A POSTCARD IMAGE - it 'burns' the entire hard disc C.
This virus will be received from someone who has your e-mail address in their contact list. This is the reason why you must send this e-mail to all your contacts. It is better to receive this message multiple times than to receive the virus and open it.

If you receive mail called' POSTCARD,' even though sent to you by a friend, do not open it! Shut down your computer immediately.

This virus has been classified by Microsoft as extremely destructive.

McAfee discovered this virus yesterday.

This virus destroys the Zero Sector of the Hard Disc, where the vital information is kept.

COPY THIS BCC E-MAIL TO YOUR FRIENDS.

REMEMBER: IF YOU SEND IT ON, YOU WILL BENEFIT ALL OF US

=====================================================

Beware! Its a Cyber World - - Explanation:

According to this emailed warning, a virus is currently being distributed that will destroy the hard drive on the infected computer and has been classified by Microsoft as the most destructive virus ever. The message claims that opening an email attachment named "POSTCARD" or "POSTCARD FROM HALLMARK", will open a postcard image that will "burn" the entire hard disk on the infected computer and destroy the disk's "zero sector".

However, the claims in the warning message are untrue. As explained later in the article, the warning is just a newer variant of older virus hoaxes that have circulated for several years. Unfortunately, this variant has gained completely undeserved credibility due to the following factors:

* Since mid 2007, a series of malware emails that are disguised as eCard notification emails have been distributed. Some of these purport to be a postcard sent by a family member and include the word "postcard" in the subject line. Recipients who click a link in these bogus emails can unknowingly install malware on their computers. However, this malware is designed to steal information and give hackers access to the infected computer and does not destroy or damage the computer's hard disk. Since the goal of the criminals responsible for distributing this malware is to hijack the infected computer for their own nefarious purposes, their intention is certainly not to make it useless by destroying the hard disk.

Regrettably, because "postcard" is mentioned in both the real malware email and the bogus warning, many recipients have mistakenly concluded that the misinformation contained in the hoax email is genuine.

It is important to understand that the claims in the hoax email are in no way related to the real malware threat. Other than the reference to a postcard, the real malware threat and the fictional virus have nothing whatsoever in common.

* This version of the email includes a link to an article on urban legend site, Snopes.com that provides information about the genuine malware threat discussed above.

Unfortunately, it seems that many recipients are clicking the link in the bogus email and, after a cursory glance at the article, falsely concluding that the information in the hoax email is factual. If they were to actually read the Snopes article properly, they would very quickly realize that the information in the hoax message is totally unrelated to the genuine malware threat. In fact, the article quite clearly states that readers should not confuse the genuine threat with the old virus hoaxes.

Because of these factors, this hoax variant is spreading rapidly around the world and causing a great deal of confusion.

As the following example shows, this hoax email is just an altered version of the Olympic Torch Invitation Virus Hoax that began circulating in 2006:

You should be alert during the next days: Do not open any message with an attached filed called "Invitation" regardless of who sent it. It is a virus that opens an Olympic Torch which "burns" the whole hard disc C of your computer. This virus will be received from someone who has your e-mail address in his/her contact list, that is why you should send this e-mail to all your contacts. It is better to receive this message 25 times than to receive the virus and open it.

If you receive a mail called "invitation", though sent by a friend, do not open it and shut down your computer immediately.

This is the worst virus announced by CNN, it has been classified by Microsoft as the most destructive virus ever. This virus was discovered by McAfee yesterday, and there is no repair yet for this kind of virus. This virus simply destroys the Zero Sector of the Hard Disc, where the vital information is kept. SEND THIS E-MAIL TO EVERYONE YOU KNOW, COPY THIS E-MAIL AND SEND IT TO YOUR FRIENDS AND REMEMBER: IF YOU SEND IT TO THEM, YOU WILL BENEFIT ALL OF US

And the Invitation virus hoax is in turn just a variant of the even older Virtual Card For You Virus Hoax that has been circulating continually since 2001:

A new virus has just been discovered that has been classified by Microsoft as the most destructive ever. This virus was discovered yesterday afternoon by McAfee . This virus simply destroys Sector Zero from the hard disk, where vital information for its functioning are stored.

This virus acts in the following manner:
It sends itself automatically to all contacts on your list with the title: "A Card for You".

As soon as the supposed virtual card is opened the computer freezes so that the user has to reboot. When the ctrl+alt+ del keys or the reset button are pressed, the virus destroys Sector Zero, thus permanently destroying the hard disk. Yesterday in just a few hours this virus caused panic in New York , according to news broadcast by CNN.

This alert was received by an employee of Microsoft itself.
So don't open any mails with subject: "A Virtual Card for You. " As soon as you get the mail, delete it !! Please pass this mail to all of your friends.

Forward this to everyone in your address book. I'm sure most people, like myself, would rather receive this notice 25 times than not at All.

Thus, in spite of what may appear at first glance to be connections to a real malware threat, the information in this hoax email has no basis in fact. Forwarding it is entirely counterproductive because it serves only to spread misinformation and create confusion about the threat posed by the genuine malware emails.

If you receive this hoax email please do not forward it to others. And please take a moment to inform the sender that the warning is untrue.

No comments:

Related Posts Plugin for WordPress, Blogger...