Mx Lab Interrupted Fake Facebook E-mail
The facebook users are being tricked into opening an unsolicited spam email via a new facebook-themed spam campaign which is targeting the social network's users.
The subject line bears the words "your friend, a new photograph with you in the album." The email is send from the fake address "Facebook email@example.com" and the following continued as the body: greetings, one of your friends added a new photo with you to the album.
The ZIP file attached with the e-mail has a 77 Kb capacity. Its a large file New_Photo_with _you_on_Facebook.gif.exe containing the name New-Photo-with-You_on_Facebook_PHOTOID1308WHZL.zip
The Trojan is called as spyware/Win31.Zbot, Trojan.Generic.KDV.739716, Trojan-DOWNLOADER.Win32.Andromeda.hr, Hack.Anti.Win32.XPACK.f, WS.REPUTATION.1, PAK_Generic.001, Win32.Hack.Anti.f (kcloud), researchers at Mx lab noted.
Virus total used 43 AV solution and 20 among them detected the file as malicious, disclosed by security experts.
The file is at present identified as malicious by 20 of the 43 AV solutions employed by Virus Total, as revealed by security experts at Mx Lab.
Security experts remarked that it is due to the above mentioned types, that increases these malware in the internet.
Moreover face bookers are many a times being victimized in the spam email campaigns.
Security expert at security firm Sophos, detected a scam almost same as the above one back in July 2012.
Sophos had seized a spammed-out email campaign; with the subject Christine McLain Gibbs tagged a photo of you on facebook. This email was sent From: Facebook firstname.lastname@example.org
Almost everything seems to be authentic except typo errors. This makes this threat so worrisome. A good number of malware threats has at least many indicators while this one has only one.
Facebook has been trying to struggle with spam email campaigns. The social networking website in July 2012 launched a service which directs users who think their computer might be infected to sites where they can get free antivirus software.
And, while facebook is adapting three steps, internet users are prompted to only open emails from the trusted source. Even then, as in the case of facebook, verify the sender email address. Unless the sender has been infected, it won't be the one you are accustomed to.
Related article: Mass Mailing Worm Caution About Worms
» SPAMfighter News - 05-10-2012