Friend Request E-mails Drop Malware on Systems

Cyber criminals are distributing "New Friend Request" e-mails to users of social-networking websites in the hope that they would gain something this festive season.

David Marcus, Internet Security Expert at McAfee, states that the e-mail appears exactly as one would expect it to be - like a friend request from MySpace or Facebook, as reported by Komonews on December 21, 2009.

But the users are advised to ignore the e-mails especially their links. The links could land the user on a phony website which accurately resembles MySpace or Facebook. That site could automatically load malware on his PC like 'spyware,' which could capture the user's private details.

During the weekend, Marcus received few unusual Instant Messages from a friend on his Facebook account. The IMs were inscribed with a colon-cleanser's virtues, a movie, which diverted Marcus on a Facebook phishing website, and attractive price cuts on branded watches like Breitling, Tiffany, Rolex and others.

However, these couldn't fool Marcus. He contacted his friend as well as assisted him in getting his systems cleaned that were contaminated with a version of Koobface.

According to the security specialists, what is it that one needs to do in case he receives a request from a new friend and he isn't sure about its legitimacy.

In response, Marcus says that the user should access Facebook, sign up into its application and find out whether the friend requests actually present in it. In addition, the user needs to know who all the new friends know from among his contacts list. Based on that, he can decide on acknowledging them as friends, Marcus suggests.

Through his descriptions, Marcus emphasizes how the reputations of websites and IP addresses are important in judging the authenticity of web-links. Here Marcus cautions that the malicious software designers have proficiently created a large number of malware variants, which easily evade their scanners.

Moreover, Facebook has an immensely large user-base and therefore malware authors and scammers target it heavily. Consequently, a user accessing the site should ensure that his computer has properly configured and up-to-date security software.

Related article: Friendster Password E-mails Surges the Fears of Website Hijacking

» SPAMfighter News - 1/1/2010