‘Tis the season: e-cards are now beginning to tumble into our boxes and soon will become an avalanche.  Christians have Christmas, Jews have Hanukkah, African Americans have Kwanzaa,  and other groups have other seasonal holidays, and just about all of them seem to trigger an impulse to send friends and relatives e-cards. The important point:  in December the Internet is awash with e-cards and what smart, security conscious people do is delete them unopened.

That is because cyber crooks are all over e-cards. They know our defenses are down – in deference to seasonal cheer. And their plan is to make us pay for that.

Said Robert Siciliano, an  identity theft expert with BestIDTheftCompanys.com, “Consumers will be wise not to open e-cards.”

Why?

Craig Young, Security Researcher at Tripwire, explained: “Around the holidays, a very common ploy for cyber criminals is to send fake e-greeting cards with malicious files attached because it is easy for busy, distracted consumers to become victims of these schemes.”

Yes, but I know this e-card is good because it came from my brother.

Stop right there. You think it came from your brother or your boss or your son or whoever – but you do not know if in fact a cyber crook got control of that person’s email address book and carpet bombed them with toxic e-cards, many of which will in fact be opened because can you really delete mom’s e-card without a glance?

Yes, you had better just delete.

E-cards have been known to come loaded with spy software – key loggers – that communicates information such as bank account log-in and password back to a control. Opening that e-card may lead to your bank account being emptied.

All because you clicked on a card.

In other cases the e-card directs the recipient to a website and asks the person to sign in to see the card – go ahead, for your convenience, use your Gmail log-in or maybe Facebook. And when you have done that you have given the criminal those log-in credentials. So suddenly your Facebook pals or your Gmail contacts will be getting toxic e-cards “sent” by you.

Yes, but the card is from a well-known card company so you know it is okay?

Read this warning from American Greetings: “There have been email campaigns that claim to be an e-card from AmericanGreetings.com which contain an attachment that will infect your computer with a malicious and destructive virus.”

Hallmark has this to say: “Hallmark is one of several greeting card companies being targeted via fraudulent emails that are flooding the Internet. These emails claim to have a link to an ecard from a family member, friend or neighbor. Clicking on the link downloads a virus onto your computer that compromises personal data.”

Microsoft for its part offers specific – and loud – warnings about e-cards: “An e-card you receive could actually be a phishing scam, spam, or a spyware installer, or a computer virus.”

Advice from Tripwire’s Young is: “Never open emails from unknown addresses with undisclosed recipients, especially if the message contains attachments.

“If you receive an e-greeting card, consider calling the sender first to confirm if they sent one, and if they didn’t, don’t open it.”

Siciliano added that if you insist on opening e-cards “it is absolutely necessary to have an updated browser with updated security patches, an updated operating system, and anti-spyware/antiphishing software, and a firewall.”

Young further cautioned that just because you do not use Windows does not mean you are safe. “Apple devices aren’t immune to malware or phishing. As the number of Apple users has continued to grow, there has been a corresponding increase in malicious software targeting OS X platforms.”

What about opening e-cards on mobile phones? Young said: “I have not seen versions that work on mobile phones but there is no reason why they couldn’t work.”

Chew on these warnings and next time you get an e-card, our advice is: delete it unopened. By all means, thank the sender, “Great card, I appreciate your thoughtfulness.” And you just might include a link to this article as a bonus gift.