I knew this was likely to be the case, but was never completely sure. As it turns out, some of those ‘Web-based greeting card’ companies will end up giving you a whole lot more than just a card with your order.

Beware of Web postcards bearing greetings. That’s the advice from the SANS Institute’s Internet Storm Center (ISC), which is warning about e-mail messages that pose as Web postcards, then direct recipients to a Web site that installs a Trojan horse program.

The new attacks use sophisticated social engineering techniques to trick users into installing Trojan remote access programs that can fool antivirus and firewall software by appearing to be authorized applications like Internet Relay Chat (IRC) software, the ISC said.

The ISC has received an increasing number of reports of the postcard scams in recent days. Victims receive e-mail messages with subject lines such as, “You have received a virtual postcard from a family member,” with a link to a pickup site that installs the Trojan horse, according to a post on the ISC Web site.

Another recent scam posed as a message from Blue Mountain Greeting Cards, a service operated by American Greetings Inc. in Cleveland. The messages use a spoofed sender address and appear to come from bluemountain.com. A link in each e-mail claims to go to Blue Mountain’s card pickup Web page, where recipients are asked to enter a unique card ID number provided in the e-mail. However, victims who click on the link pass first through one of a number of sites that may have installed malicious software, ISC said. [Read the rest]