Permissioned Media, runs a Web site called FriendGreetings.com, which lets one person send another person an electronic greeting card. The friendly facilitation seems simple
and harmless, but it has a rather insidious side.
When you receive a greeting from FriendGreetings.com, the message says
that someone sent you the greeting and that to read it, you must click
a URL that takes you to the Web site hosting the greeting. When you
click the URL, you're prompted to install an ActiveX control before
you view the greeting. As the greeting-card recipient, you would
probably assume that you must install the ActiveX control to view the
greeting; however, that's not the case. Instead, FriendGreetings.com
has designed the ActiveX control, complete with an End User License
Agreement (EULA), to interact with your mail client software and
harvest information about your email contacts. After the ActiveX
control obtains your private contact list information, it sends a
similar greeting card to everyone in your contact list, probably
unbeknownst to you!
Reply With Quote