Bogus E-mail Claiming Password Reset for Facebook Account Circulating; Experts

Spam mails posing as messages from Facebook asserting a resetting of password done for the recipient's Facebook account are presently hitting unsuspecting Internet-users, caution security researchers, report softpedia.com, December 13, 2014.

Claiming that suspicious activity was noticed, the e-mail accordingly informs that the password has been reset. It also contains details of the Web browser and operating system utilized to execute the suspicious operation while provides a perceived location too.

There's also one web-link given, which apparently the recipient must follow for completing certain form in order to restore the password.

To appear genuine, the e-mail even displays the emblem of Facebook as well as the social-networking website's usual color scheme of white and blue.

But, in reality, Facebook hasn't sent the e-mail while the assertion about password remake is a lie.

Rather, the e-mail tries to deceptively make the user download malware. Clicking the web-link, according to the e-mail's instructions, leads onto a hijacked site which has the malware.

Once taken down, the malicious file searches the host machine for a particular OS and Web-browser. Incase found, one zipped archive gets downloaded that has certain .exe file which if clicked results in the malware getting planted onto the victim's PC.

This malware then adds the infected PC to a notorious botnet called Asprox also called Kuluoz that understandably spews junk e-mails as well as more malware.

First detected during 2008, this botnet is given on hire to other cyber-crooks to serve various objectives. Moreover, it is constantly enlarged with more-and-more campaigns to collect infected PCs carried out.

The botnet's physical structure to disseminate malware and junk electronic mails is rather complicated, instructing to link up with specific web-pages, which varies with the machines from which they originate.

Users of iOS and Android are taken onto various web-pages which execute various scams via tainted applications. For a Windows system, the scam leads onto malware downloaders. There are also different adult websites to which the visitors are diverted that either host malware or advertise other perilous destinations.

Therefore, according to security specialists, end-users should remove the above kind of unsolicited e-mail from their inboxes.

» SPAMfighter News - 12/23/2014