From Sophos Blog:
Well, it didn’t take long for the Christmas E-Card scams to start.
Recently we have seen email messages pretending to be from Hallmark, suggesting that you have received an E-card from a friend. The complete email message looks like this:
You have recieved a Hallmark E-Card from your friend.
To see it, check the link below:
http://www. hallmark. com/webapp/wcs/stores/Occasion/ChristmasE-Cards
There’s something special about that E-Card feeling. We invite you to make a friend’s day and send one.
Hope to see you soon, Your friends at Hallmark
Note, that the link looks like it’s from Hallmark, but it’s fake. If you hover your mouse over the link and look at your browser’s status bar, the real link show up (which in this case is http://www. <hidden>. com/_themes/Christmas.exe). This piece of malware is detected by us as Troj/VBInject-S.