Security Protection – Harry Waldron MVP Rotating Header Image

Facebook – Photo notification in email may trigger malware attack

Sophos security is warning of malicious email messages that appear to come Facebook.  Please avoid opening any attachments.  This is documented as follows:

http://nakedsecurity.sophos.com/2012/08/28/facebook-friend-photo-malware/

QUOTE: Computer users are being warned to be careful about opening unsolicited email attachments, after a malicious Trojan horse was spammed out posing as a Facebook notification that the recipient is featured in a newly uploaded photograph. The emails, which pretend to come from Facebook.

Unfortunately, the attached ZIP file contains malware, designed to allow hackers to gain control over your Windows computer. Sophos products intercept the malware as Troj/Agent-XNN.  Last month, experts at SophosLabs saw another malware campaign posing as a Facebook photo tag notification. On that occasion, the emails did not contain attachments but instead linked to compromised websites which aimed to attack visiting computers with the Blackhole exploit kit.

 

EXAMPLE OF EMAIL MESSAGE

Subject:         Your friend added a new photo with you to the album

Attached file:   New_Photo_With_You_on_Facebook_PHOTOID[random].zip

Message body:

Greetings,

One of Your Friends added a new photo with you to the album.

You are receiving this email because you've been listed as a close friend.

[View photo with you in the attachment]

Comments are closed.