You've received a Hallmark E-Card? Delete it!

Christmas is coming! Time to send to your loved ones a nice Christmas card, and maybe receive one too. But hold on… you’ve already received a Hallmark card by e-mail, or even two? Watch out.

 

This might not be your friend sending you a card, but a nasty attacker trying to infect your PC or steal your password. Attackers are always trying to take advantage, particularly during the Christmas season. Faking e-mails is easy. While it is evident that subject and message can be freely manipulated, did you know that the sender’s e-mail address can also be freely set? This way, attackers can disguise themselves as somebody legitimate, for example Santa.Clause@cern.ch.

So if you haven’t been expecting an e-card, or if you don’t know the sender, just delete that e-mail. If the e-mail is asking for your (CERN) password, let us know at Computer.Security@cern.ch, and delete it afterwards. If the e-mail includes an attachment or asks you to click on an embedded link, take care. Both might be misused to infect your PC or to steal your password. If it's an e-mail from a friend or your family, maybe this is just the right moment to call them and say “Thank you” before you open the attachment or click the link.

We wish you a Merry Christmas and a Happy New Year!!!

For further information, please check our recommendations here or contact us at Computer.Security@cern.ch.

 

by Computer Security Team