Avast Detects Spam Mails Abusing Popularity of Facebook

Researchers at Avast the security company recently discovered an intriguing bulk e-mail scam that's distributing malware by cashing in on Facebook's popularity.

The attack begins by dispatching e-mails captioned "Hi <name> your Facebook account is blocked!" or "Hey <name> your Facebook account has been closed!"

The fake electronic mails referring to Facebook directs recipients that they need to download as well as run a file attached to the message for retrieving their accounts. But soon as any end-user runs the file, he'd find a message which tells that he can now use his Facebook connection safely while ending by offering gratitude for his cooperation.

Meanwhile, the malware gets installed and begins its activity.

The malware essentially exudes an interesting aspect i.e. its communications give rise to Web-users seemingly visiting genuine sites. With the help of an algorithm, which exploits the existing moment-of-time, there comes to the fore, as many as 32,678 URL names, each one containing words worthy of meaning.

Naturally, this makes it harder for blocking the malware, experts say.

Malware Analyst Jaromir Horejsi with Avast explains that malware purveyors frequently utilize domain-producing algorithms. Suppose a malicious program is liked up with merely a handful of online sites for acquiring payloads else updates then those domains can be easily rendered unusable while the malicious program made ineffective. But, when numerous URL names are generated through domain-producing algorithms then blocking the entire number of arbitrarily produced domains becomes impossible. This is because the number of such domains is massive alternatively because a few of them may be actually genuine sites, states Horejsi. Blog.avast.com published this dated June 18, 2013.

Disturbingly, it's because of the above kind of malware laden bulk e-mails misappropriating Facebook or other such social-networking sites, which's resulting in malware increases online, Avast researchers comment.

Thus for remaining safe from malware that blocks one's web account, like in the aforementioned case, computer-users must make sure they've up-to-date anti-malware software, especially anti-virus software, active on their systems. Also, their browser, OS and other software should be maintained up-to-date. Finally, they must exercise caution while opening attachments or clicking web-links inside an unsolicited e-mail.

» SPAMfighter News - 6/25/2013