Trojan in fake postcard site Gusanito

In the following screenshot you can see a false page that pretends to be the popular postcard site

Fake site and fake Flash Player update (click to view larger)

As you can see, the hook to infect is a alleged update to Flash Player necessary to see the animated postcard. Clicking on the button downloads a file called Flash-PLayer.exe in reality is a trojan (VT 20/42).

Gusanito's postcards and other similar services have been victims of their own success, as spammers and cybercriminals have been well known and used and have used them for years to infect and steal passwords. It is very easy to create a fake postcard site that downloads Trojans or infects by simply accessing the postcard.

So you have to have beware of received virtual postcardsSome time ago I commented on how to view the Gusanito postcards safely, but since there are hundreds of these services, it is best to be suspicious and careful with everyone.

I would recommend always ignoring them, but in some cases they can be real, so the ideal is to have common sense, ask people they send them if they actually sent them and if they are anonymous, delete them before opening them.