Opening a greeting card mailed to your home usually brings a smile and good feelings to the recipient. Unfortunately, the arrival of an e-card (a digital greeting sent via email) in their inbox might not have the same effect.
That’s because cybercriminals can use fake e-cards to deliver a virus, ransomware or another kind of malware that can compromise your private files or infect your systems. A supposedly innocent greeting can then introduce the risk of fraud and theft.
Let’s look at the criminal use of e-cards.
HOW TO TELL FAKE E-CARDS FROM REAL ONES
Whether conveying good wishes for a birthday, graduation, Valentine’s Day or the holiday season, it can be hard to tell the difference between a legitimate and a fake e-card. However, there are a few signs to look for if an e-card pops up in your inbox.
If any of the following apply to an e-card you’ve received, think twice before opening it:
- There are spelling or major grammatical errors. A real e-card coming from a real company is typically reviewed and edited by several people — so it is unlikely a professional e-card company would send you one with spelling, grammar or capitalization errors. Cybercriminals aren’t as precise, as they simply want to send out an email that helps them steal your sensitive information as quickly as possible.
- You don’t know the sender. It may be tempting to open, but if the e-card is from someone you don’t know or there is no sender name, do not open it. Scammers may also use the name of a famous fictious character or a bogus nickname to hide their identity.
- The email includes an attachment. If you receive an email alerting you that someone has sent you an e-card, there will typically be a link to access the e-card. While you should be wary of suspicious links, it’s important to note that if there is an attachment, the email likely did not come from a professional e-card company. Delete any e-card message that includes an attachment.
WHAT TO DO WITH SUSPICIOUS E-CARDS
Still not sure if the e-card you received is legitimate? One simple thing you can do is to contact the sender before opening it and ask them if they sent it to you. If they did, you’ll get peace of mind before opening it and the opportunity to thank them properly.
If you receive an e-card that seems suspicious and you don’t know who sent it, the safest option is to delete it. You will also want to:
- Report the fraudulent email to the company that supposedly issued the e-card. Make sure you search for the company contact information online rather than trusting any phone numbers or web addresses in the suspicious email. American Greetings, for example, has an email protection resource center to reference.
- If you received a fake e-card under the name of someone you know, let them know their name was used in a scam and to check for fraudulent activity.
- File a report with the Federal Trade Commission.
- Make sure you have a quality anti-malware solution running in case the email or a link exposes your device to an infection.
- Consider an identity monitoring solution so you’ll be aware if scammers were able to get your personal or payment information.
Not all e-card scams are created equal, so never assume you are totally safe. Some scams will download viruses that trash computers, while others will download spyware and steal a victim’s personal information for the purposes of committing identity theft. A little vigilance and attention to detail can go a long way in protecting yourself from e-card and other email scams.