English Deutsch Español Français Italiano Portuguese Čeština Ελληνικά 中文(简体) 中文 (繁體) Tiếng Việt 日本語 ภาษาไทย Русский Български Nederlands Polski Svenska Norsk Dansk Suomi

McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams

Compatible with Windows 7

Works with Windows Vista

SPAMfighter is

Microsoft Gold Certified Partner

Spam Campaign on Facebook Targeting New Friends

Security investigators at Websense Security Labs have detected a new spam campaign on September 22, 2008 that uses malicious social engineering tactics. The scam attracts victims to distribute malicious code by mimicking the Web 2.0 social networking Website Facebook, as reported by ChannelWeb on September 22, 2008.

Taking advantage of the popular social networking Website, the attackers spoofed facebookmail.com, the Facebook domain used for outgoing e-mails that alert users about upcoming event. Further, the attack is in the form of an e-mail message apparently from a Facebook member, pretending that the recipient would be added as another friend on the network.

Moreover, the bogus e-mail also carries an attachment as a zip file that contains a picture, and prompts the recipient to double-click on it. But, the picture actually contains a Trojan that installs a malicious program on the victim's computer.

The e-mail body further includes a Facebook login Web page apparently lending an element of legitimacy to the spam mail. According to Websense, it might be that the login Web page is spread as a fake front to a scam site for phishing.

In addition, after examining the malicious HTML code, it revealed that the scam site actually transmitted the user's ID and password to Facebook itself, probably to lend it greater authenticity, or to get around spam filters, said Websense Researchers.

Moreover, the researchers have also developed a proof-of-concept program for Facebook that converts victims' computers into a botnet. Demonstration showed that the botnet could launch denial-of-service (DOS) attacks on a compromised server.

This kind of botnet could be utilized for several other attacks like spreading malware, overriding authentication devices that rely on cookies, and scanning PCs to find open ports.

Meanwhile, Facebook, in the past few months, has increasingly targeted with malware authors' and phishers' ploys as its share in the market increased. In August 2008, many Facebook users witnessed a steep rise in spam. And during the weekends, Websense received several complaints from Facebook users that they found their accounts hijacked and some of them even deactivated.

» SPAMfighter News - 29-09-2008

Bookmark and Share
Twitter Facebook RSS

SPAMfighter box shot

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail and Thunderbird

Optimize Slow PC

Optimize your Slow PC for better performance. Try FREE scan now

Exchange spam filter

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial

 

Spyware remover

Remove Spyware with SPYWAREfighter - Free 30 days trial


anti virus

Antivirus software for your Windows PC - Free 30 days trial

<<<>>>