This is a warning for Facebook users. A fraudulent email is
circulating on the Internet claiming to be from Facebook and saying
you’ve been tagged in a photo. The email probably looks like this:
On a closer look the email is from “notification@faceboook.com” and not from a “Facebook.com”
domain. This is a specially crafted email that is targeting innocent
Facebook users. Those who click on the link in the email get redirected
to a bogus link that hosts malicious iframe scripts. These scripts take
advantage of the Blackhole exploit kit and start infecting the system.
This happens within a few seconds and then the browser gets
redirected to the original Facebook website. So the user does not get a
hint about any kind of suspicious or malicious activity. In our case,
two malicious files got downloaded. These files belong to the Trojan.Redirector family. Malware that belongs to this category has the following characteristics:
- Stays resident in the background
- Changes browser settings
- Shows commercial adverts
- Connects itself to the Internet
Kindly do pay attention while clicking on any link in the email. If you
come across such emails do not click on any link present inside.
Instead, delete the email and your antivirus updated.
Comments