Jump to content

Rogue Facebook Private Messages Lead to Scareware

Starbuck
 Share

Recommended Posts

  • ExTS Admin
Starbuck Newbie

Starbuck

Posted
  • ExTS Admin
Posted

http://img.photobucket.com/albums/v708/starbuck50/facebook-1.jpg Security researchers from CA warn of a scareware distribution campaign which spams Facebook users with malicious links via private messages.

 

The rogue messages read "I got you a surprise" and contain a link which takes users to a website hosted at blogspot.com.

 

The landing page is designed to look exactly like a Facebook one, down to the advertisements on the right sidebar.

 

This is meant to trick users into believing they are still on the social networking site.

 

The page shows a gift image with an associated message that reads "Hey buddy! If you're here, then someone of your friends had made up a surprise for you!"

 

Clicking anywhere inside the page prompts users to download a file called surprise.exe, which according to Akhil Menon, a CA security researcher, is a Trojan downloader which further installs scareware on the infected machine.

 

"An unaware user inquisitively would download and run the file thinking that it is really being sent by a friend on facebook and would infect his machine right away," the research notes.

 

The scareware programs will immediately start bombarding users with alerts about non-existent threats allegedly found on their computers in an attempt to trick them into paying for a license.

 

Private message spam is not uncommon on Facebook, but it seems the use of this technique recently increased in association with malware distribution attacks.

 

Just a few days ago we reported about a new Koobface campaign spreading via similar messages and directing people to fake videos.

 

Users are advised to be extra careful when visiting links received on social networking sites, even when they appear to be sent by a friend. To protect themselves from clandestine attacks, a capable and updated antivirus program should run on their computers at all times.

 

If any website offers an executable file for download without the user particularly asking for it, it's most likely an attempt to infect them. Online scanning services like Virus Total can be used to check suspicious files.

 

 

 

Source:

Rogue Facebook Private Messages Lead to Scareware - Softpedia

Member of:

UNITE

  • Replies 0
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...