E-cards are created the same way Web sites are; they’re built on the Internet just like this page. So when you send someone an e-card, you’re actually giving them a link to click, which takes them to the online greeting card you created for them.
You should always approach links in e-mail with caution. Sally Babcock, General Manager and Senior Vice President of American Greetings Interactive, a popular destination for sending both online and offline greetings, agrees:
“Phishing attacks using e-cards are similar to all other types of phishing attacks in that they play upon a computer user’s unawareness or inattention,” she says. This means an e-card you receive could actually be one of the following:
A phishing scam or other fraud designed to steal your personal information. The card could contain links that take you to a fraudulent Web site that could compromise your computer.
Spam or a spyware installer that displays pornography or other unwanted images on your desktop, launches adult-oriented Web sites, or barrages you with pop-up ads (even when you aren’t on the Internet).
A computer virus that scans your e-mail addresses and then sends a bogus e-card to your personal and professional contacts—typically without your knowledge. The fake e-card and virus may even appear to be from you.
How to avoid fake e-cards
Recognize the sender of the e-card. If you’re unsure of the sender, do not trust the card. Companies should have standard, clear ways for you to recognize that the e-mail is not a fraud. For example, with MSN Greetings, the “from” always shows “Ecard from MSN Greetings” as the display name and “ecards/@/msn.americangreetings.com” as the e-mail address. Make sure you check both the display name and e-mail address of the sender.
When in doubt, use alternative viewing methods. Do not click any links when you are not sure of the sender or intent of the email. For example, if you use MSN Greetings, you can view your greeting on the MSN Greetings Web site. Type http://msn.americangreetings.com into your Web browser and click the link in the upper right-hand corner that says ecard pickup.
Keep your anti-virus and anti-spyware programs up-to-date
Make sure your Windows Firewall is turned on
Keep Microsoft Windows and Microsoft Office programs up to date with security updates
Install antivirus software and antispyware software
Never download or click on anything from a site you don’t know or doesn’t “feel” or look right (lots of mistakes, poor grammar, misspellings, etc.)
Be wary of an e-mail message or file attachment from someone you don’t know, that seems suspicious, or if it’s from someone you know but you weren’t expecting an attachment from
Always preview a link’s Web address before you click it. If the link doesn’t show an address, move your mouse pointer over a link without clicking it to see where the link goes. (The address should appear on the bottom bar of your Web browser.)
Don’t accept an end-user agreement without reading the fine print first; you might inadvertently agree to install spyware or something else you don’t want.
The safest thing to do is never click an email link unless you are absolutely sure you know and trust the sender. We know this is not always practical but it’s always the safest way to go.