trafficbuild
11-21-2002, 03:55 AM
Good to know and how to avoid this spams
**********************************************************************
I received an email recently from a friend, which claimed
that an e-greetings card was awaiting me and all I needed
was to click the quoted link. The associated site required
me to download an ActiveX element. I was a little
reluctant but checked the digital certificate, which
checked out. On accepting the download an EULA (End User
Licensing Agreement) appeared. And this is where I made my
mistake - I didn't bother to read it.
The e-card appeared but with no personal message. In
another window I noted that Outlook was receiving lots of
messages from the server announcing failed sendings. I
thought 'virus' and turned off the computer. On restarting
my system without the email software a virus scan showed
no problem. Unconvinced I checked Google which led me to a
series of articles/warnings about Friendgreetings.com
The EULA contained a notice indicating that I gave
permission for the 'card' to be mass-mailed to everyone on
my address books. In addition, it gave the company the
right to add other software to my system and even an
apparent right to prevent me from removing such software!
Popup windows had started to appear advertising products.
I located the removal instructions and cleared my system
of the offending software. I then emailed all my address
book entries to warn them of the problem, apologise and
gave removal instructions including the McAfee URL
http//vil.nai.com/vil/content/v%5F99760.htm to verify that
my email was not itself a hoax virus. I finally wondered
how I was going to repair my monitor from the repeated
head bashing that I'd been giving it.
Contacting our technical people revealed that this
'attack' is not counted as a virus because of the EULA and
so the virus software doesn't check for it. Obviously the
message here is to read the EULA with care, but also that
people out there are getting pretty nasty in order to sell
online advertising.
Regards and thanks for the list and plus --- Mike Robertshaw
"Friendgreetings" is nasty--- a combination of spam+trojan. But, as
many have found out, although it's unethical and scummy, it's
technically legal because users are agreeing to let it do its thing
when they accept the EULA.
In my opinion, companies that behave this way should be driven out
of business.
More info: http://www.google.com/search?q=Friendgreetings
**********************************************************************
I received an email recently from a friend, which claimed
that an e-greetings card was awaiting me and all I needed
was to click the quoted link. The associated site required
me to download an ActiveX element. I was a little
reluctant but checked the digital certificate, which
checked out. On accepting the download an EULA (End User
Licensing Agreement) appeared. And this is where I made my
mistake - I didn't bother to read it.
The e-card appeared but with no personal message. In
another window I noted that Outlook was receiving lots of
messages from the server announcing failed sendings. I
thought 'virus' and turned off the computer. On restarting
my system without the email software a virus scan showed
no problem. Unconvinced I checked Google which led me to a
series of articles/warnings about Friendgreetings.com
The EULA contained a notice indicating that I gave
permission for the 'card' to be mass-mailed to everyone on
my address books. In addition, it gave the company the
right to add other software to my system and even an
apparent right to prevent me from removing such software!
Popup windows had started to appear advertising products.
I located the removal instructions and cleared my system
of the offending software. I then emailed all my address
book entries to warn them of the problem, apologise and
gave removal instructions including the McAfee URL
http//vil.nai.com/vil/content/v%5F99760.htm to verify that
my email was not itself a hoax virus. I finally wondered
how I was going to repair my monitor from the repeated
head bashing that I'd been giving it.
Contacting our technical people revealed that this
'attack' is not counted as a virus because of the EULA and
so the virus software doesn't check for it. Obviously the
message here is to read the EULA with care, but also that
people out there are getting pretty nasty in order to sell
online advertising.
Regards and thanks for the list and plus --- Mike Robertshaw
"Friendgreetings" is nasty--- a combination of spam+trojan. But, as
many have found out, although it's unethical and scummy, it's
technically legal because users are agreeing to let it do its thing
when they accept the EULA.
In my opinion, companies that behave this way should be driven out
of business.
More info: http://www.google.com/search?q=Friendgreetings