Skip to main content
CNN Europe CNN Asia
On CNN TV Transcripts Headline News CNN International About Preferences
powered by Yahoo!

E-mail greeting card hides porn

By Jeordan Legon

Ortyc.Trojan is another download that disguises itself as an e-card.
Cytron Communications has stopped sending out this card. But others are still sending out a marketing program disguised as an e-card.

   Story Tools


(CNN) -- The e-mail looks harmless enough: A link to a greeting card that appears to be sent by a friend.

But clicking on the link can place porn images on a desktop, download a barrage of x-rated ads, or send similar e-cards to those listed in Outlook's address book.

No downloadable e-mail attachments to install. No infected disks shared. All the user has to do is go to a link.

E-mail marketers -- many of them porn sites -- are increasingly borrowing tactics used by hackers to trick potential customers into seeing their messages, anti-virus experts say. And often, they use Microsoft's ActiveX Controls, which are meant to make Web pages more interactive, to instantly download their unwanted programs.

"It's like the boogy man. It's going that way," said Chris Wraight, tech consultant for anti-virus company Sophos. "You have to be careful and be very, very suspicious."

They're not viruses or worms, but they are annoying -- modifying a user's computer in ways they never intended, said Lawrence Baldwin, president of Internet security firm

"The general thinking of the average Internet user is that ... by running antivirus and not downloading executable files, they don't have to worry," Baldwin said. "But they're getting a false sense of security."

One e-greeting prompts warning

There are many such direct marketing e-mails making their way around the globe. Several elicited enough complaints that they prompted warnings from anti-virus firms. A spokesman for Cytron Communications, a Canadian company cited by anti-virus experts, claimed they no longer are using this type of marketing scheme.

But warnings continued for cards sent by and other sites run by Permissioned Media Inc., which listed an address in Panama as their headquarters.

In most cases, the e-mail greetings mimic many legitimate greeting card sites by including a personalized subject line: "(Recipient) you have an E-Card from (sender)." Within the message, there is a link to the Web site and a small note: "E-card viewer plug-in may be required to view some cards."

Those who click on the link and accept the lengthy user agreement unwittingly download a program that peppers them with porn-filled pop-up ads and hands over the e-mail addresses in their Outlook e-mail address book to the marketer.

Not doing anything illegal

The direct marketer is not doing anything illegal, so many anti-virus firms are treading carefully -- not treating such misleading campaigns as viruses, but warning users nonetheless.

"It was a gray area... that we have to watch carefully," Wraight said.

Baldwin advises users to avoid clicking on e-mail links to sites they don't recognize. And he suggests disabling the Internet Explorer function that allows browsers to instantly download ActiveX Controls. Doing so will cause a warning box to appear anytime such files are encountered, which could get annoying because Macromedia Flash, used to create Web animations, uses ActiveX Controls.

But a little annoyance is worth it in the long run, he said. "You have to configure your browser to protect yourself."

Story Tools

Top Stories
Burgers, lattes and CD burners
Top Stories
CNN/Money: Security alert issued for 40 million credit cards
© 2004 Cable News Network LP, LLLP.
A Time Warner Company. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines. Contact us.
external link
All external sites will open in a new browser. does not endorse external sites.