Bogus Facebook emails pass trojans

Share this article:
Bogus Facebook emails pass trojans
Bogus Facebook emails pass trojans

Updated on Tuesday, Sept. 23 at 5:43 p.m. EST

A trojan-laden phish disguised as a message from the popular social networking website Facebook is making the rounds.

In an alert Monday, web security company Websense said that the email appeared to be sent by the domain facebookmail.com with a subject line that reads "An old friend added you as a friend of facebook." The email contains an attachment called "picture.zip" that is actually a trojan.

The body of the email contained a view of Facebook's login page with a notification that says an old classmate has requested to be your friend and, "To see her picture please check your attachment."


                                                                                                    Courtesy: Websense
Facebookmail.com is an official domain that Facebook commonly uses to notify its users of friend requests and events, the Websense alert said. It is unclear how the attackers spoofed the address.

Users might not think twice about clicking the attachment, said Ken Dunham, director of global response for iSight Partners, a global risk mitigation company.

"Big brand names like Facebook, MySpace, YouTube - those are trusted names that people are less likely to be concerned about," he told SCMagazineUS.com on Tuesday.

The email body contains Facebook's login screen and will take users there, lending to the legitimacy of the message. This technique is commonly used by phishers as a way to gain trust so victims do not think they are being duped, Dunham said.

A Facebook spokesperson did not respond to a request for comment.

Dunham suggested corporate IT departments inform and train employees to be suspicious of unsolicited email.

Share this article:
close

Next Article in News

Sign up to our newsletters

More in News

Report: SQL injection a pervasive threat, behavioral analysis needed

Report: SQL injection a pervasive threat, behavioral analysis ...

Long lag times between detection and resolution and reliance on traditional methods impair an organization's ability to combat SQL injection attacks.

WhatsApp bug allows for interception of shared locations

Researchers identified a vulnerability in WhatsApp that could enable an attacker to intercept shared locations using a man-in-the-middle attack, or a rogue access point.

Google tweaks its terms of service for clarity on Gmail scanning

The company is currently dealing with a lawsuit that challenges its email scanning practices.