
E-mail greeting card hides porn
By Jeordan Legon
CNN - October 29, 2002
(CNN) -- The e-mail looks harmless enough: A link to a greeting card
that appears to be sent by a friend.
But clicking on the link can place porn images on a desktop, download a
barrage of x-rated ads, or send similar e-cards to those listed in Outlook's
address book.
No downloadable e-mail attachments to install. No infected disks shared. All
the user has to do is go to a link.
E-mail marketers -- many of them porn sites -- are increasingly borrowing tactics used
by hackers to trick potential customers into seeing their messages, anti-virus
experts say. And often, they use Microsoft's ActiveX Controls, which are meant
to make Web pages more interactive, to instantly download their unwanted
programs.
"It's like the boogeyman. It's going that way," said Chris Wraight, tech
consultant for anti-virus company Sophos. "You have to be careful and be very,
very suspicious."
They're not viruses or worms, but they are annoying -- modifying a user's
computer in ways they never intended, said Lawrence Baldwin, president of
Internet security firm myNetWatchman.com.
"The general thinking of the average Internet user is that ... by running
antivirus and not downloading executable files, they don't have to worry,"
Baldwin said. "But they're getting a false sense of security."
One e-greeting prompts warning
There are many such direct marketing e-mails making their way around the
globe. One this week elicited enough complaints that it prompted warnings from
anti-virus firms and by Tuesday, Canadian company Cytron Communications had
taken down one of its offending sites: FriendGreetings.com. But only to put up
a new site in its place: cool-downloads.com. And the company was now saying the
corporate parent of the site was Permissioned Media Inc., based in Panama.
The Cytron-enabled e-mail greeting mimics many legitimate greeting card
sites by including a personalized subject line: "(Recipient) you have an E-Card
from (sender)." Within the message, there is a link to the Web site and a small
note: "E-card viewer plug-in may be required to view some cards."
Those who click on the link and accept the lengthy user agreement unwittingly
download a program that peppers them with porn-filled pop-up ads and hands over
the e-mail addresses in their Outlook e-mail address book to the marketer.
Not doing anything illegal
The direct marketer is not doing anything illegal, so many anti-virus firms
are treading carefully -- not treating such misleading campaigns as viruses, but
warning users nonetheless.
"It was a gray area... that we have to watch carefully," Wraight said.
Baldwin advises users to avoid clicking on e-mail links to sites they don't
recognize. And he suggests disabling the Internet Explorer function that allows
browsers to instantly download ActiveX Controls. Doing so will cause a warning
box to appear anytime such files are encountered, which could get annoying
because Macromedia Flash, used to create Web animations, uses ActiveX Controls.
But a little annoyance is worth it in the long run, he said. "You have to
configure your browser to protect yourself."