Sophos and other antivirus suppliers are warning e-mail users to be
wary of an e-mail greeting card that spams unsuspecting recipients
using contacts in Microsoft Outlook's address book.
Technical support staff at Sophos said they have received a
significant number of calls from users concerned about a widespread
e-mail that invites users to pick up an "E-Card" from a Web site
called FriendGreetings.com.
Sophos said that if users follow the link in the e-mail, they are
invited to install an application on to their computer. The user is
then presented with a lengthy licence agreement for the
application. Agreeing to the terms effectively grants permission to
send a similar greeting card to all addresses found in the user's
Outlook address book.
On its Web site Sophos suggests users consider blocking access to
www.friendgreetings.com. As a wider measure to tackle the problem
of employees unwittingly subscribing to Spam, Sophos recommends
users consider blocking access to non-work-related Web sites, and
educate users to check with their IT department before installing
unauthorised code on to their computers.
Alex Shipp, senior antivirus technologist at MessageLabs, said the
FriendGreetings.com spam works in the same way as a virus. "It's
using similar technique to Melissa which replicated via Outlook's
address book back in 1999." Shipp said the only difference between
FriendGreetings.com and a virus is that FriendGreetings tells you
what it will do.