Screen Your Hearing By Telephone. Free for AARP Members for a limited time. Learn More

Think Twice Before Opening That E-Card

With Father’s Day, graduations and all those weddings and birthdays, June is the perfect month for sending and receiving electronic greeting cards.

Hackers also find it the ideal time to distribute “malware”—annoying or dangerous programs—in e-greeting cards sent to unwary recipients.

In July 2007, as many as 35 million virus-laden e-cards were sent by spammers each day, prompting warnings from the FBI and others. The rate slowed down last year, but recently there has been an uptick in reports.

Typically, these malicious programs are just bothersome, slowing your computer’s performance and launching swarms of pop-up advertisements. But some try to sell you bogus antivirus protection software, and other messages request credit card numbers or other personal information. In rare cases, these gotcha greeting cards can unleash a virus that logs keystrokes to give scammers access to your online bank accounts and passwords.

Here are tips for ensuring your e-greetings are legit:

• Beware of unnamed senders. Most e-cards containing malware claim to be from an unidentified “friend,” “family member,” “schoolmate” or “secret admirer.” Legitimate e-greeting notifications always include the full name or personal e-mail address of the sender, according to the Greeting Card Association. Many also include a confirmation number that can be easily checked for authenticity.


• Ax attachments. A real danger sign in fraudulent e-greetings is an instruction to click on an attachment to view the card. That can unleash a problematic program that even antivirus security software may have trouble removing. Most legitimate companies, including Hallmark, never include an attachment or ask for personal information. Just delete any e-greeting with an attachment.


• Beware of unrecognized websites or companies. Past sources of problem e-cards include, and But new ones are constantly emerging.


• Confirm and enjoy. If you recognize the properly spelled name of a known sender and the card company, go to its website. For Hallmark cards, for instance, visit, where you will be asked for your e-mail address and the card’s confirmation number in order to view it. For American Greetings cards, visit and click on “eCard Pickup.” Never click on links in an e-mail notification, and if you’re sent to a site that asks for more than basic information, assume the card is bogus.

Sid Kirchheimer is the author of  "Scam-Proof Your Life" (AARP Books/Sterling).


Join the Discussion

0 | Add Yours

Please leave your comment below.

You must be logged in to leave a comment.

AARP Membership

Discounts & Benefits

    Next Article

    Read This