Spam, or real e-card?

Factual Questions
1

I use spamblocker in my webmail. Messages will not be downloaded into my inbox unless the sender has received authorisation from me to send me e-mail by being added to my address book.

I also have the virus blocker turned on. This is what it says:

So I have the following message in my Suspect Email folder:

There is no indication that the message contains spam or a worm. Ordinarily, I’d delete the message immediately. But it’s reasonable that I would receive an e-card yesterday. Since e-cards are sent by a program on a website instead of from someone’s e-mail, the sender (who might be authorised to send me mail) wouldn’t know that the e-card is from an authorised sender; the “request authorisation” e-mail would go back to the card site and not the sender.

The name is right; but that doesn’t mean anything. How often have you received spam with your name on it? Often. The date is right; since of any day of the year, yesterday would be the one when I’d expect to get an e-card. But the sender didn’t put a name in the “from” box. That’s suspicious, but he or she could have signed in the message.

Should I follow the link? Or, to make this GQ instead of IMHO, what would the potential consequences be if this message is spam and not from someone I know?

2

Here’s a quickie test – move your cursor over the link. Does the actual link shown in your browser window match the one under the cursor? If not, it is bogus, fersure – phishers use this to trick you into going to a non-ebay site that appears to be ebay in the link.

3

First thing I checked. The link is the same as the text (except it has Ecard/View insted of the ellipsis).

4

I clicked on it and got this:

5

That was brave. Either that, or you trust your virus protection more than I trust mine!

So the mystery is, if not solved, at least moot. I’ll just delete the message.

Thanks!

6

While you are correct in being suspicious, a lot of legitimate sites let users send e-cards like this.

Since the link was clearly from a legitimate site (it’s a company with a fairly high profile, after all, and the URL is not phonied up in any way), there was no reason to believe this was anything other than an e-card sent to you from a friend.

7

How can you tell this? It is a fact that the FROM address in email headers cannot be relied upon to be genuine.

8

Sorry, RealityChuck, I didn’t think much before quoting you & replying. You were referring to the LINK in the email as being legitimate, not the sender, right? So, nevermind. :slight_smile:

Johnny L. A., it looks more and more like the mail is OK, but you are right to be suspicious. It may save your ass one day.

9

Exactly. You can’t trust the sender, but the link has to be accurate, or it goes nowhere.

There are ways of disguising links – using IP addresses, including an “@” sign, creating an HTML link that goes to one site but not the right one, and even putting the number in octal. If there’s evidence that something like this is being used, then be very wary. But if the link is not faked in any way, then it can be trusted.

10

That’s because the link above has the ellipsis instead of the proper link.

11

Oops, ignore that :smack:

12

:o :o :o :o :o

I send the card. :o

I send the card. I’m so embarrased. I don’t know why my name wasn’t on it. I filled in my name and email address.

Nor do I know why you can’t see the card anymore. I’m so sorry for the inconvenience Johnny L.A.. And all that on your birthday.

I’ll go sit in a corner with my ass-hat on, okay?
Forgive me?

13

gum: No worries! Thanks for the thought! :slight_smile:

14

I never open e-cards. Too damned risky.

Plus, I have seen e-cards that were as hard to get rid of as a virus!

15

I’m very relieved, Thanks, Johnny L.A.

Really, BrotherCadfael? Thanks for the tip. To reassure Johnny L.A., I ran a virus check just yesterday. I’m clean. :slight_smile:

16

it can be both. some companies will use the addresses for spamming.