Tuesday, May 22, 2012

Warning! Facebook Cancellation Request May Be Malware

Check your inbox carefully! That email that appears to be coming from Facebook asking if you’d like to cancel your accounts might actually be malware in disguise.

According to reports from ZDNet and Sophos, users have been receiving Facebook-centric e-mails that ask users if they wish to confirm or deny a Facebook account cancellation request. In fact these requests are from a malicious third party looking to install malware on your computer.

These very realistic looking Facebook e-mails ask users to follow a link to confirm a cancel requests to delete their account, something Facebook will never do! If followed, you are then offloaded to third-party Facebook application that will download a Java applet. Once the applet is loaded it will ask you to install a "Facebook Plugin" and continually harass the user to allow it run until they do – if the user allows the applet to run it will trigger a fake Adobe Flash update message. Once users download the update, they'll unsuspectingly install a backdoor Trojan to their computer, allowing attackers to monitor their activities and remotely access their computer.

Sophos security products detect the malware as Mal/SpyEye-B and Troj/Agent-WHZ. There is no word yet as to what information the malware is collecting, however it could be used to obtain just about anything.

For more details as well as screenshots of the email view the Sophos security alert posted here.

No comments:

Post a Comment

All comments will be moderate for content, please be patient as your comment will appear as soon as it has been reviewed.

Thank you