It seems we've got another ecard malpaign about to start. A few minutes ago, I received the following;
Going to the URL in the e-mail results in an error stating "Sorry the card does not exists.", which likely means this one is still being setup. If we drop to the cgi-bin directory however, we see;
What is strange, is thedeadpit.com, was actually used in attacks a couple months ago, and is suspended so no longer resolves;
Meaning our ecard author either hasn't done his homework, is a script kiddie that's not clever enough to check things actually work before using them, or is still setting it up (in which case, the domain in use will likely change).
Standard rules apply of course - NEVER EVER EVER click URL's or open attachments in e-mails.