I just got this e-mail. I laughed.

Good day.

You have received an eCard
To pick up your eCard, choose from any of the following options:
Click on the following link (or copy & paste it into your web browser):

http://example.com/e-card.exe

Your card will be aviailable for pick-up beginning for the next 30 days.
Please be sure to view your eCard before the days are up!
We hope you enjoy you eCard.
Thank You!

An eCard from a domain I’ve never heard of, with a .exe attachment? I don’t think so. (Note that the actual domain wasn’t example.com, but I wanted to ensure that my blog post about a virus didn’t result in someone visiting it…)

But there are probably a lot of people who would have gotten that e-mail and merrily visited it to see their eCard, without thinking, “I shouldn’t visit links from strangers,” much less, “I shouldn’t visit links that end in .exe.”

Though presumably, at least some of the people who blindly followed it would catch on when trying to view their eCard prompted them to download a file. But I think this shows why user education is so important. To me, and probably to most readers here, it’s almost comically obvious that that link would be a virus. And yet, since they keep sending out e-mails like this, I have to think that they’re getting a decent number of people with them.