An open community 
of Macintosh users,
for Macintosh users.

FineTunedMac Dashboard widget now available! Download Here

Topic Options
#31957 - 12/01/14 12:02 PM Mac malware attack disguised as Christmas ecards
tacit Offline


Registered: 08/03/09
Loc: Portland, Oregon, USA
I'm starting to see a malware attack against Macs turning up in my email inbox. These look like fairly standard ecards from American Greetings or Yahoo Greetings. The email body copy reads:

"You've just received a Yahoo! Exclusive e Card via AmericanGreetings. com

Viewing your eCard is just a snap! Click on the following link:

(link redacted)

We hope you enjoy your eCard. If you have any comments or questions, please visit

(link redacted)

Sending ecards and creating printables has never been more e njoyable.
Get ready to experience the next generation of American Greetings

Thanks for usin g Yahoo! American Greetings .com

-----

The link LOOKS like it goes to American Greetings, but it actually leads to ecardg (dot) ggreetcards (dot) com. When you arrive there, you're asked to download the PowerPoint plugin if your browser doesn't have it. The site then attempts to download malware.

This site recognizes Mac and Windows browsers, and downloads malware for each--it's not a Windows-only threat.
_________________________
Photo gallery, all about me, and more: www.xeromag.com/franklin.html

Top
#31964 - 12/02/14 04:37 AM Re: Mac malware attack disguised as Christmas ecards [Re: tacit]
Virtual1 Offline


Registered: 08/04/09
Loc: Iowa
because everyone loves to click on christmas cards ending in .EXE
_________________________
I work for the Department of Redundancy Department

Top
#31973 - 12/02/14 11:18 AM Re: Mac malware attack disguised as Christmas ecards [Re: Virtual1]
joemikeb Online
Moderator

Registered: 08/04/09
Loc: Fort Worth, Texas
Originally Posted By: Virtual1
because everyone loves to click on christmas cards ending in .EXE

Unfortunately not everyone notices or knows the difference if they do.
_________________________
joemikeb • moderator

Top
#32014 - 12/04/14 09:26 PM Re: Mac malware attack disguised as Christmas ecards [Re: Virtual1]
tacit Offline


Registered: 08/03/09
Loc: Portland, Oregon, USA
The malware site seems to be down now.

In this case, it would not download a .exe file. Instead, it would tell you that you didn't have the right browser plugin to see the Christmas card, and would start the process of installing a plugin on your browser if you were naive enough to allow it to. On Windows it would install a Browser Helper Object for Explorer, or a plugin for other browsers; on the Mac it would try to install a plugin for Safari or Chrome.
_________________________
Photo gallery, all about me, and more: www.xeromag.com/franklin.html

Top

Moderator:  alternaut, cyn