The warning cites one spoofed McDonald's e-mail that claims to present their latest discount menu, and asks the recipient to print out the attached coupon. A similar mailing pretending to be from Coca-Cola asks recipients to print out details about their new online game, and also offers recipients a chance to win Coca-Cola drinks for life. The attached zip file contains files named either coupon.exe or promotion.exe, both of which contain dropper files for remote access Trojan horses.
POSTCARDS.ORG/GREETINGS.COM
The email messages, spoofed to appear as though they have been sent from postcards.org, display an animated Christmas scene.
A URL link within the email leads to a malicious file called postcard.exe hosted on various servers, including those in the .com TLD
space.
this particular worm carries a built-in SMTP engine that mass-mails copies of itself to e-mail addresses harvested from an infected machine.
Your friendly board admin
