Wow! I sure am getting popular. My old girl friend and my “soon to be ex” wife are sending me love notes.
After realizing I wasn’t suddenly the most important person in everyone’s heart I did some checking. It seems that there has been a huge, and I do mean huge, resurgence in the old e-card scam.
Absolutely everyone I know has received multiple e-cards in the last few months. Your Mom wanting to say Hello, Greeting from an old school chum, everyone’s mailbox is jammed with E cards. With numbers in the 200 million range, most of your friends are included.
Why are we getting this Spam? Simple. Your computer is being setup as a Bot controlled by a Botmaster. You will be one of thousands used to do the bidding of your master. By spreading their tasks over computers like yours they are getting billions of dollars of free bandwidth and hardware.
While the total scam is known as a Peer To Peer Bot Net, this particular infection is a variation of the “Storm Trojan” or JSE-card-A Trojan. According to Government Technology it accounts for 6.3% of all spam seen in the global traps set by sophoslabs.
Once in your mailbox and opened the email invites you to click on a link that takes you to a compromised zombie computer hosting the JSE-card-A Trojan. Instead of an uplifting greeting you receive a costly infection. Unprotected computers could go for weeks without knowing they have been captured. Eventually the computer slows until the problem must be addressed. This is usually when consumers take their trusty box or laptop to the local shop (Ka-ching!), or go to the their favorite help site to see what’s wrong.
Once aware that I was infected it took only about 4 minutes to identify, download an antivirus product effective against that infection, and remove the infection from the computer. Four little minutes, Wow, maybe I am getting better at this computer stuff. After thanking Jacee for her help and double-checking that all was in working order, I turned off the box, and feeling a little smug, went to bed.
Suns up, coffee is brewing, turn on the computer to check the morning mail…Huh? E-mail from my Internet service provider. Must want to give me even more bandwidth for free, maybe a discount for being such a good customer. Bummer it’s only a warning letter about spam. No big deal, I’ll just delete it and be on my way. What the heck, why can’t I send e-mail?
It’s now three days later and I’m punching numbers on my phone pad. The voice is saying, “press 1 if you are a federal….” “Press 2 if you are a state or local law enforcement agency” “Press 3 if you are a Comcast customer. I haven’t been able to send e-mail for three days. Although the “one click fix” that my ISP offers might work for some e-mail addresses it doesn’t work for my work address.
When I finally get to the gentleman at the other end I am humbly asking that I not have to change ports to send e-mail. I explain that the problem has been dispatched properly and that there will be no more offending e-mails coming from my freshly healed computer.
As has always been the case with my ISP, he indicates he will correct the problem. He’s also willing to answer a few question and offers that the normal ports used to send and receive e-mail are shortly going into retirement due to their use by spammers. Because of this, third party e-mail clients will need to use alternate secure ports. Specifically the abused ports are 25 and 110.
So now, the numbers I’m hearing from Matt on Friday’s Today Show and the multitude of articles I’m seeing on the Internet, are starting to make sense. My feelings of smugness have certainly disappeared. If I add up the cost of time, a good AV program, and the loss of work performed, the tab is a big one.
The figures of 1 in 4, or 7 million computers replaced annually due to viral infections, and 7 billion dollars wasted yearly, will get anyone’s attention.
So what do we do to avoid being a part of this huge scam?
1. Install reputable antivirus software.
2. Update it now and often.
3. Do not open any e-mail or click any links that are vague or unknown.
4. Absolutely avoid links that use the format XXX XXX XXX XXX or a set of four numbers in their links.
5. And most important of all, do not open e-mail from your soon to be ex.
