Cybercrooks are trying to attract attention with an offensive comment

Oct 24, 2012 18:51 GMT

How would you react if someone commented on one of your Facebook posts with “You piece of [expletive]”? Well, you’d better not rush to give them a piece of your mind, because you could end up with a malware-infected computer.

Sophos experts have discovered some malicious emails entitled “[User name] also commented on your Wall post.” The fake notifications inform recipients that someone has written the offensive comment on their Facebook wall.

The messages are designed to look legitimate, but the links they contain point not to the social media website but to a site designed to push pieces of malware with the aid of the BlackHole exploit kit.

To avoid raising suspicion, the website that hosts the exploit kit is designed to mimic the Facebook profile of an attractive young woman.

A closer look at the initial notification reveals that it doesn’t originate from a facebook.com domain, but from faceb00k.com, an entirely different domain in which zeros stand in for the letter “o”.
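A defensive check for the two tells described above, as an added example that is not from Sophos or the original article: it flags a sender domain that becomes facebook.com once digits are mapped back to letters, and lists link hosts that are not Facebook. The substitutions other than 0 for o, the sample message and the `landing.example` host are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

BRAND = "facebook.com"  # domain the notification claims to come from
# Assumed digit-for-letter swaps; the article shows only 0 standing in for o.
LOOKALIKE = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})

# Constructed sample message; only the subject and sender domain come from the article.
SAMPLE = '''From: "Facebook" <notification@faceb00k.com>
Subject: [User name] also commented on your Wall post
Content-Type: text/html

<a href="http://landing.example/profile">See comment</a>
'''

def registrable(host):
    """Last two labels of a host name (naive: ignores suffixes such as co.uk)."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def classify_domain(host):
    """Return 'genuine', 'lookalike' or 'unrelated' relative to BRAND."""
    dom = registrable(host)
    if dom == BRAND:
        return "genuine"
    # Undo the digit swaps; a match now means the name only imitates the brand.
    if dom.translate(LOOKALIKE) == BRAND:
        return "lookalike"
    return "unrelated"

def inspect_notification(raw):
    """Classify the From domain and every href host in a single-part message."""
    msg = message_from_string(raw)
    sender = parseaddr(msg.get("From", ""))[1]
    findings = {"sender": classify_domain(sender.rpartition("@")[2]), "links": []}
    for url in re.findall(r'href="([^"]+)"', msg.get_payload()):
        host = urlparse(url).hostname or ""
        findings["links"].append((host, classify_domain(host)))
    return findings

if __name__ == "__main__":
    print(inspect_notification(SAMPLE))
```

A message that claims to be a Facebook notification but yields a `lookalike` sender or any non-`genuine` link host is a candidate for quarantine.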

As always, an up-to-date antivirus and some common sense can keep you out of trouble.