ORLANDO – Did your brother-in-law really send you a singing holiday card? Did a long-lost friend from college really include you on this year’s list? Security vendor AVG warned on Tuesday that online criminals are taking advantage of the fact most people don’t know the difference between a legitimate e-card and one hosting malware.

Last week security vendors warned of a Trojan horse masquerading as holiday-themed e-cards from McDonald’s, Coca-Cola, and Hallmark, CNET News.Com reported.

To better educate the public, AVG has launched a site, “Slam the Holiday Scam,”, co-sponsored with CyberStreetSmart.org and i-Safeworking, and is working to team with various online safety organizations such as the National Crime Prevention Council, the FTC’s Bureau of Consumer Protection, CyberStreetSmart.org, i-Safe, the National Cyber Security Alliance, the National Consumers League, and Consumers Union, and Protection from Brand Infection.

The tips, which should be familiar to most online users, include:

Don’t open attachments because most legitimate e-cards include links to the company’s Web site that allow you to go directly to your card.

If something looks a little strange or “phishy” just delete the card.

Use security software on your desktop.

Watch out for misspelled words or names, a disguised name (such as Your Friend, A Secret Admirer), or an odd URL.

Always read the fine print before accepting any terms.

a>>