Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Malware-Tainted E-mails Purport to be from Facebook

Renowned security company ThreatTrack Security recently spotted one intriguing malware dissemination scheme, which capitalizes on Facebook's deactivation of a few members' accounts, following an Abode breach, which lately helped access the passwords and e-mail details of some 38m end-users.

The malware-laden electronic mails masquerade as Facebook messages while depicting a header "You requested a new Facebook password."

They greet the recipients with a 'Hello' and inform that they've got one secure message. The particular message will ask them for viewing a given file else downloading it onto their PCs. The e-mails having certain standard Facebook designs along with one spoofed "From" id suggest downloading the file prior to viewing the same. The attached file named Facebook-SecureMessage.zip should be opened for perusing the secure message, the e-mails conclude.

Sadly, if anyone believes the e-mail and follows the instructions in it, he'll download one executable known as Transaction_{_tracking}.exe from the attachment which will first gather the system's details, alter the setting and policies of the local firewall, seize confidential information when the system has an active browser, and make sure it remains all the time so it'll run whenever Windows OS is started.

ThreatTrack Security's researchers disclose that the message body of the e-mail is into existence starting November 2012 if not earlier, while hitherto its utilization has been when focusing on customers of the CitiBank, HSBC and KeyBank financial institutions.

Interestingly, the cyber-crooks have modified the e-mail scam towards making it appear as Facebook messages immediately after the social-networking site began informing certain members that they required resetting own passwords.

Actually Facebook, on examining the data that got exposed when hackers breached Adobe, suggested those users to set one fresh password that used a common one for Adobe and Facebook.

Jay Nancarrow Spokesperson for Facebook, while asserting that the website isn't associated with the ongoing scam against its members, stated that the company always monitored for situations wherein Facebook's users might get endangered despite when the attack happened from outside. During such times, Facebook tried helping impacted users make their accounts secure, Nancarrow explained. Tripwire.com published this dated November 11, 2013.

» SPAMfighter News - 11/21/2013

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page