Sophos is warning PC users against unwittingly sending e-cards to their entire email address books, thanks to FriendGreetings.com. Sophos have received several calls from users concerned they have received or sent a virus disguised as a link to greetings card sent via the website. Sophos is advising users that the the email is not viral, but is in fact the result of an online marketing initiative run by the e-card company. MessageLabs are blocking all emails associated with this program.
Users following the link are invited to install an ActiveX control in order to view their e-card. Two lengthy end user licence agreements (EULAs) are displayed stating that by running the application the user is giving permission for a similar email to be sent to all addresses found in the users's Outlook address book. In many cases, users will not bother to read the EULA and will allow numerous unwanted emails to be sent.
"A flood of unwanted email can be as much of a problem as a genuine virus. This isn't a virus, or a worm - but it could be considered a real nuisance," said Graham Cluley, senior technical consultant at Sophos. "Companies should tell staff that running code from the internet is only allowed if permission has been given by their IT department. Too many people are blindly believing everything in their inbox when simple safe computing procedures can reduce the risk of spreading a whole range of internet nasties."
MessageLabs commented, "A serious side-effect of this kind of program is that it by allowing it to run, you may potentially breach many laws governing data protection, by allowing the email addresses in your address books to be used for purposes other than that for which they were originally collected and without the consent of the recipient."
Sophos advises practising safe computing to prevent infection by viruses or being targeted by viral campaigns. Specifically, companies could consider blocking employee access to www.friendgreetings.com and block emails containing the words 'you have an E-Card from' in the subject line.
Further details on the FriendGreetings email and how to stop it entering your company can be found at: