Please avoid any new Christmas, New Year, or other holiday themes or unusual links presented in the Facebook environment

Facebook – New Christmas theme leads to malware and spam

QUOTE: Attacks that use the holidays as a social engineering lure are starting to pour in as the Christmas day draws near. We recently found a page on Facebook that offers a Christmas theme on one’s profile. The page leads to a malware that comes in the form of browser plugin. Once users click the Like button, the page redirects them to a URL which allows victims to download and install a malicious plugin named Free Cheesecake Factory Coupons.  Note that the plugin only works for all browsers, which is detected as TROJ_REDIR.CU.

 Users need to be extra vigilant this holiday season, since cybercriminals are surely to continue launching attacks that use the holiday season as a lure. For more information on how to keep themselves protected, we recommend users to check the following reports: