For the past five years virus writers have been exploiting electronic greetings during the festive period. Another Zafi variant this week combined with an explosion in phishing attacks has resulted in anti virus companies to advise users to either write their seasonal greetings in plain text, use extreme caution or send actual paper cards.
Mark Sinclair, technical services manager at antivirus firm Trend Micro Australia, said that electronic Christmas cards are "an ideal platform" for attacks because people will be caught with their guard down - especially if the 'from' field has been spoofed.
"The latest virus, Zafi.D, contains a Christmas greeting and will install a backdoor on the victim's computer if opened. It spoofs the source e-mail address and may appear to be from someone you know. This is an opportunity to have a virus writer install a backdoor/Trojan on a victim's PC," said Sinclair.
Sinclair advises caution when opening such e-mails.
Paul Ducklin, Sophos' head of technology in Asia Pacific, suggests users should avoid fancy greetings and instead express their feelings in plain text.
"E-mail offers a range of funky digital ways to pass on your best wishes but you can be as polite, incisive, witty, humble, risque, funky, caring - you name it - in words as you can in any number of HTML, JPG, EXE or SCR files," said Ducklin.
Ducklin said users should make text the new binary.
"If anyone tells you that you're being an old-timer just tell them that ASCII is the new binary and raise your eyebrows knowingly. With the right fashion pressure, we can put HTML e-mail out to pasture by early 2005," he said.
Going a step further into the past, Mikko HyppÃƒÂ¶nen, director of antivirus research at F-Secure, said that electronic greetings have been a target for malware writers since 1999 and will continue to be exploited. He said the safest way to communicate with loved ones over the holiday period is to stick to real cards and a pen.
"Zafi.D and Atak.H keep spreading, posing as Christmas cards. We've seen this many times before. Some people might even remember Happy99, arguably the first e-mail massmailer ever -- it posed as a Happy New Year greeting card.
"Our advice: steer away from electronic greeting cards. Go for the traditional pen-and-paper ones," said HyppÃƒÂ¶nen.