White county listers, We normally discourage the announcement of viruses, etc. here because generally they are hoaxes which are perpertrated, but should not be. Unfortunately, those that pass them around do not bother to go to the hoax websites and check them out. However, this is an announcement from the national PC Magazine which I think bears watching. A rather clever, but devious scheme is being used to dupe people this holiday season. Please be wary when receiving any notification telling you that a friend or acquaintance has sent you an electronic greeting card (e-cards). You may be asked to click on a link to open it. In the process you are asked to download a "plug-in" to view the greeting card. You may even see a legitimate digital certificate that you are asked to accept. This is followed by a request to accept an "End User Licensing Agreement" or EULA. Up to this point, everything you are encountering looks like things you've seen many times before when interacting with other websites such as Microsoft or Adobe. If you agree to the EULA, you will see a non-descript greeting card that will make you wonder "What was so special about that?". By that time the damage has been done. In an instant marketing email is launched to everyone in your address book. "Uh-oh!! Something's not right," you think. Sure enough, had you read the EULA more closely before agreeing to it, you may find that it gave permission to the organization to install software on your computer to send email out to names in your address book. What we have here is a combination of spam and virus (spirus?). But your McAfee or Norton AV is not going to spot the problem in the message that started it all. This is really a Trojan Horse that has been legitimately admitted by the computer user. In the instances that have been detected on the Internet to date, the name of the offending organization has been "friendsgreeting.com". And the scheme has been designed to attack users of Outlook. But it can just as easily be morphed to be from another source. It could be designed to work with Eudora as well as Outlook. There are no safe harbors. LINUX users have learned that they are no longer neglected by attack from hackers or viruses. Because the particulars can be changed in an attempt to disguise or vary attacks, it is more important that you be aware of the general form that this type of attack can take. One defense would be to completely disable certain features in our browsers or operating systems. However, many of these features when used legitimately provide desirable capabilities and benefits that we frequently use ourselves on internal websites. Disabling them completely could affect the usability of many webpages. Again, forewarning you is one of the best defenses we have. Recommendations: (1) Please don't send or attempt to open e-cards !!! (2) Read EULA's more closely before agreeing to them in the future. Check out other details at PC Magazine dot COM: http://www.pcmag.com/article2/0%2C4149%2C661694%2C00.asp In "More Scumware-By-EULA" (http://www.langa.com/newsletters/2002/2002-11-21.htm#2) we discussed how "Friendgreetings" abuses its End-User-License- Agreement by embedding deep within it a clause that says, in effect, that you're allowing them to place scumware on your PC. Alas, they're not the only one doing this, and other, similar vendors keep shifting their domain name to try to stay one step ahead of anti-scumware tools: Below is a list of who is sending that Emailer Hack they "legally" trick people into. To get around the Anti Spam tools they use new names. I don't see how they can afford to do this. Each of the names are real and do have that so called "non- virus" ready for a sucker [to download]. The list grows every day...---Jim Cooke [Note: to make these links unclickable, Jim has replaced the punctuation with the word DOT.} surprise-card DOT net surprise-cards DOT net surprise-greeting DOT net surprise-greetings DOT net surprisecard DOT net surprisecards DOT net surprisegreeting DOT net surprisegreetings DOT net cool-download DOT com cool-download DOT net cool-downloads DOT com cool-downloads DOT net friend-card DOT com friend-card DOT net friend-cards DOT com friend-cards DOT net friend-greeting DOT com friend-greeting DOT net friend-greetings DOT com friend-greetings DOT net friendcard DOT com friendcard DOT net friendcards DOT com friendcards DOT net friendgreeting DOT com friendgreeting DOT net friendgreetings DOT com friendgreetings DOT net surprise-card DOT net surprise-cards DOT net surprise-greeting DOT net surprise-greetings DOT net surprisecard DOT net surprisecards DOT net surprisegreeting DOT net surprisegreetings DOT net ... Cindy