is a phishing site that seeks to exfoliate personal data from its visitors is a malicious website that uses phishing in order to make users believe that they received an Easter greeting card is a malicious website that uses phishing in order to make users believe that they received an Easter greeting card is a redirect virus that users may encounter on their web browsers via Google Chrome, Mozilla Firefox, Safari, MS Edge, or another web browser, after clicking on a link via social media platforms. At first glance, the site looks relatively harmless, as it displays Easter greetings card to users. However, is used in a phishing scheme that is designed to steal sensitive information from victims, including their credentials of emails, Facebook, and much more.

As soon as users click on a malicious message link, they will be redirected to another malicious site and will be asked to provide sensitive information, such as Facebook account login details. Do not enter this data, or you can have your personal security compromised – it can be later sold to cybercriminals or used for phishing campaigns. According to Cyber Security Philippines – Computer Emergency Response Team, is a part of a broader campaign that includes,, and others.

Type Redirect virus, malware
Activities Injects processes into built-in Windows APIs in order to repopulate the scam message to everybody in the user’s friend list and steals sensitive information
Goal To steal sensitive information from victims, such as their account credentials, passwords, emails, and other data 
Distribution Social media platforms (messengers) like WhatsApp, Facebook, etc.
Remedy Delete the phishing message that was sent to you via the social media platform, change all your passwords and scan the machine with anti-malware software
Additional precautions If you clicked on the malicious link, you should inform your social media friends about the event. Also, enable two-factor authentication for all accounts that it is available on. If your computer is slow, lagging, or displaying errors, employ Reimage Reimage Cleaner Intego to fix system damage

Seasonal scams are very prevalent, as users are looking for ways to celebrate and deliver greetings cards to their family members, co-workers, and friends. The emergence of before Easter holiday season does not come as a surprise, as similar scams used occasions like Christmas, Father’s Day, New Year, and others.

Nonetheless, all these “greeting cards” were made in just as few minutes, using dated animations, cheesy texts, and simply feel dated. If you are looking for a greeting card service, is not the one, as not only does it looks disappointing, but it might also result in malware infections or personal information compromise.

As previously noted, such platforms like Facebook Messenger or WhatsApp can be used to deliver malicious links to users. Quite often, the link is delivered from somebody in the friend list, providing a false sense of security, since users think that the link is safe. It also shows a small picture that includes a red dot saying “Touch This Red Dot” and the following message text:

I am send you a surprise message. Open this

Once the message is opened, users are prompted to enter information such as a name and then press “Go” allegedly to create a greeting card. However, performs a variety of malicious processes in the background, such as using the built-in Windows APIs in order to inject code into the machine (a technique known as hooking),[1] providing temporary access to pre-programmed functions. As a result, those who click on links can have their personal information stolen and send the same message via social media platforms to their friends, proliferating malware further.

If you clicked on a malicious link, you should remove virus by deleting the message from the social media and scanning the machine with anti-malware. Additionally, you should change all your passwords of your email, Facebook, and other accounts, as well as enable two-factor authentication where possible. Also, if you open, your friends might start receiving the same message on social media from you, so you should warn them immediately. virus is a dangerous URL that is propagated via social media messenger platforms, including Facebook, WhatsApp, and others virus is a dangerous URL that is propagated via social media messenger platforms, including Facebook, WhatsApp, and others is just one of many cheaply-made greetings card sites that are closely related to malicious activities. According to Philippines cybersecurity body CERT, is a part of a broader operation that includes many more sites incorporating a similar greeting card theme, including:[2]

  •, and many more.

Since the attack is performed by using built-in APIs and background scripts, nothing is technically installed on the system, so removal should consist only of a phishing message elimination, as well as the immediate password change. For security reasons, however, we advise you to scan your machine with reputable anti-malware and then fix system damage with Reimage Reimage Cleaner Intego.

Ways to avoid getting scammed on social media platforms

Computer threats like Facebook virus, Discord virus, or WhatsApp virus are typically propagated with the help of communications platforms and usually involves some form of phishing. Phishing takes all forms and sizes, as it is often employed in malware distribution and data-stealing campaigns by many, including state-sponsored cybercriminal groups, tech support scammers, and of unfair individuals.

In the case of social media scams, user accounts often get compromised in order to propagate a malicious message further, infecting others with malware or redirecting to spoofing, scam, and similar sites. The message is usually brief and often implies that there is something interesting behind the link, such a video about the individual who is being targeted. Since such scam message often comes from users’ friends, no suspicions are experienced, and victims simply proceed with clicking the link.

Therefore, you should also be wary of links that are suddenly sent to you – especially those that come from unknown individuals. Never click on them immediately without finding out that they are legitimate. To make matters easier, you can always scan links with online tools like Virus Total. Keep in mind that, under certain circumstances (when your browser or another program has a vulnerability),[3] malware can be downloaded and installed automatically as soon as you click a suspicious link. background process initiates background processes to steal personal information from users, so it is important to change all passwords after clicking on a link background process initiates background processes to steal personal information from users, so it is important to change all passwords after clicking on a link

Secure your safety after encountering

The so-called virus, which is actually an online cyberattack, is something that all users who encountered it should be concerned about. As previously mentioned, there is no need to actually remove per se, as there is most likely nothing installed on your system, and the activities are performed as long as the victim stays on the site. However, you should still employ anti-malware software and perform a full system scan to ensure that your computer is not infected with something more sinister.

Thus, removal consists of immediately deleting the social media message from the platform and informing the affected users, as your account might have sent out similar messages without your knowledge. Remember, receiving the message will not harm you, and all your personal information will remain safe. As soon as you click on phishing link, however, you should treat the event as a sensitive data compromise, and immediately change passwords of your accounts and enable two-factor authentication.

You may remove virus damage with a help of Reimage Reimage Cleaner Intego. SpyHunter 5Combo Cleaner and Malwarebytes are recommended to detect potentially unwanted programs and viruses with all their files and registry entries that are related to them.

Reimage Intego has a free limited scanner. Reimage Intego offers more through scan when you purchase its full version. When free scanner detects issues, you can fix them using free manual repairs or you can decide to purchase the full version in order to fix them automatically.

This entry was posted on 2020-04-14 at 05:54 and is filed under Malware, Viruses.