Carnegie Mellon University Website Home Page
 
Skip navigation and jump directly to page content
News
Security News Archives
2009
February
Security Alert: Adobe Reader & Acrobat Unpatched Vulnerability – Attacks Underway
Security Alert: Virus Emails - You've received A Hallmark E-Card
Accounts
Network, Phone & TV
Software
Email & Calendar
Secure Your Computer
Clusters & Printing
Web Services
Classroom & Event Support
Training & Education
Technical Support & Services
Campus Partners
Information Security Office (ISO)

Security Alert: Virus Emails - You've received A Hallmark E-Card and You have got a new E-Card from your friend!

Who: Everyone

What: Virus Emails - You've received A Hallmark E-Card!, and You have got a new E-Card from your friend!

When: February 25th, 2009


How:
Virus Emails - You've received A Hallmark E-Card!Virus emails have recently been sent to Carnegie Mellon email accounts claiming to be from e-cards@hallmark.com or e-cards@americangreetings.com.  The messages include a postcard.zip or similarly named attachment. PLEASE DO NOT OPEN THE ATTACHMENT!

A sample of the Hallmark virus message follows:

From: postcards@hallmark.com

From: e-cards@hallmark.com
Sent: Wed.25, 2009 10:20 am
Subject: You have received A Hallmark E-Card!

Hello!

You have received a Hallmark E-Card from your friend.

To see it, check the attachment.

There's something special about that E-Card feeling. We invite you to make a friend's day and send one.

Hope to see you soon,
Your friends at Hallmark

Your privacy is our priority. Click the "Privacy and Security" link at the bottom of this E-mail to view our policy. Hallmark.com | Privacy & Security | Customer Service | Store Locator

A sample of the American Greetings virus message follows:

Subject: You have got a new E-Card from your friend!

From: e-cards@americangreetings.com

Date: 10:20 AM

To see the complete card check the attachment.

From: postcards@hallmark.com

You're a Wonderful Friend
Because you make me laugh...
Because you're there for me even before I ask...
Because you understand me even when I'm not making sense...
Because I don't know what I'd ever do without you...
That's why our friendship means so much to me.

  • help center
  • ecard site map
  • create & print site map
  • advertise with us
  • affiliate program
  • privacy policy
  • terms of service
  • about us
  • investor relations
  • press room
  • recalls
  • AmericanGreetings.com is a service of , a subsidiary of American Greetings

Copyright © 1997-2009 AG.com, Inc. all rights reserved.

If you suspect your computer has already been compromised, STOP! Immediately take the following steps:

  1. Disconnect from the network - turn off wireless or unplug the wired network cable.

  2. Discontinue use of the machine but DO NOT power off.

  3. Contact the Information Security Office at (412) 268-2044 or iso@andrew.cmu.edu or your departmental computing administrator/DSP consultant for further instructions.

If your computer is managed by a Carnegie Mellon departmental computing administrator, please consult that person before making any system changes.

What You Need To Do:
Follow the detailed steps below:

  1. If you opened the attachment and Symantec AntiVirus did not alert you that it caught the threat, your machine may be infected and may need to be cleaned

    Immediately contact your departmental computing administrator or the Computing Servics Help Center at x8-HELP(4357) or send email to advisor@andrew.cmu.edu for further instructions.  

  2. If you received or opened the message and did not open the attachment, enable spam filtering and delete the message.

    See Enable Spam Filter Using Portal  

  3. Secure Your Computer***

    Mac instructions

    Windows Vista instructions


Contact:

Please direct any questions or comments to the Computing Services Help Center at x8-HELP (4357) or advisor@andrew.cmu.edu, or to your departmental administrator or DSP consultant.