Spam Campaign on Facebook Targeting New Friends
Security investigators at Websense Security Labs have detected a new spam campaign on September 22, 2008 that uses malicious social engineering tactics. The scam attracts victims to distribute malicious code by mimicking the Web 2.0 social networking Website Facebook, as reported by ChannelWeb on September 22, 2008.
Taking advantage of the popular social networking Website, the attackers spoofed facebookmail.com, the Facebook domain used for outgoing e-mails that alert users about upcoming event. Further, the attack is in the form of an e-mail message apparently from a Facebook member, pretending that the recipient would be added as another friend on the network.
Moreover, the bogus e-mail also carries an attachment as a zip file that contains a picture, and prompts the recipient to double-click on it. But, the picture actually contains a Trojan that installs a malicious program on the victim's computer.
The e-mail body further includes a Facebook login Web page apparently lending an element of legitimacy to the spam mail. According to Websense, it might be that the login Web page is spread as a fake front to a scam site for phishing.
In addition, after examining the malicious HTML code, it revealed that the scam site actually transmitted the user's ID and password to Facebook itself, probably to lend it greater authenticity, or to get around spam filters, said Websense Researchers.
Moreover, the researchers have also developed a proof-of-concept program for Facebook that converts victims' computers into a botnet. Demonstration showed that the botnet could launch denial-of-service (DOS) attacks on a compromised server.
This kind of botnet could be utilized for several other attacks like spreading malware, overriding authentication devices that rely on cookies, and scanning PCs to find open ports.
Meanwhile, Facebook, in the past few months, has increasingly targeted with malware authors' and phishers' ploys as its share in the market increased. In August 2008, many Facebook users witnessed a steep rise in spam. And during the weekends, Websense received several complaints from Facebook users that they found their accounts hijacked and some of them even deactivated.
Related article: Spam Scam Bags a Scottish Connection
» SPAMfighter News - 29-09-2008