Greeting Hackers

Cyber crooks are once again blasting out fake holiday e-greeting cards in a bid their special kind of cheer. Also, there are signs that computer viruses may again be piggybacking on digital photo frames and other data storage devices that make popular holiday gifts.

E-greeting scams are hardly new, but they tend to increase around major holidays, probably because consumers are more receptive to opening them at these times and because more people are home in front of their computers.

Most of these e-greeting scams try to foist malicious software by claiming the recipient needs to install some application in order to view the card, such as Adobe's Flash Player. Almost invariably, the downloaded program isn't a legitimate add-on, but malware.

According to Symantec, some of the fake e-card domains being used in this scam include (please don't visit any of these sites):

* [http://]itsfatherchristmas.com
* [http://]bestchristmascard.com
* [http://]whitewhitechristmas.com
* [http://]christmaslightsnow.com
* [http://]freechristmasworld.com

Most legitimate e-greeting card vendors will include a code in the message that you can enter at their Web site to claim your card. If you believe an e-greeting message is legitimate, avoid clicking on links in the message, and instead, type the name of the greeting card provider into the address field of your Web browser, and then enter the claim code the vendor provided in the e-mail. Under *no* circumstances should you install any software in order to view a card.

In other news, PC World reports that Samsung recently shipped a bunch of digital photo frames with a CD that contained malicious software. If experience over the past few years is any indicator, this won't be the last such incident with factory-shipped malware.

Digital storage devices are built into a wide range of products that consumers will give and receive this holiday season, from photo frames to MP3 players to digital cameras. Trouble is, it is not uncommon for these types of devices to become infected with malicious software even before they leave the factory floor.

In some cases, as the SANS Internet Storm Center notes, the devices pick up digital hitchhikers from customers who return the items after plugging them into their infected PCs. If those items are repackaged and resold without proper testing by the manufacturer or seller, the next customer who buys that item could end up with an unwelcome bonus.

These digital hitchhikers generally rely on Windows users that have the "AutoPlay" feature, which as its name suggests is a setting that automatically runs or loads file directories when the user pops in a CD or device with embedded digital storage. Many legitimate program installation CDs count on users having AutoPlay turned on, so that the mere act of inserting a CD begins the program installation. Unfortunately, malware also can take advantage of this feature to automatically install itself should a user pop in a CD or digital device with one of these hitchhikers tagging along.

By turning off AutoPlay, Windows users can run an anti-virus scan against external media before running or opening any of the included programs or files.

To turn off Autorun in Windows XP, open My Computer, then right click on the icon for your CD/DVD player, and select properties. Click the "AutoPlay" tab. Then, for each file type, select "take no action" and hit "apply." In Windows Vista, turning off AutoPlay is easier: Go to "Control Panel," then "Hardware and Sound," then "AutoPlay," and then just remove the check mark in the box next to "Use AutoPlay for all media and devices."