Softpedia
 


January 18th, 2011, 14:56 GMT · By

Rogue Facebook Private Messages Lead to Scareware


Rogue Facebook private messages lead users to scareware downloader
Security researchers from CA warn of a scareware distribution campaign which spams Facebook users with malicious links via private messages.

The rogue messages read "I got you a surprise" and contain a link which takes users to a website hosted at blogspot.com.

The landing page is designed to look exactly like a Facebook one, down to the advertisements on the right sidebar.

This is meant to trick users into believing they are still on the social networking site.

The page shows a gift image with an associated message that reads "Hey buddy! If you're here, then someone of your friends had made up a surprise for you!"

Clicking anywhere inside the page prompts users to download a file called surprise.exe, which, according to Akhil Menon, a CA security researcher, is a Trojan downloader that further installs scareware on the infected machine.

"An unaware user inquisitively would download and run the file thinking that it is really being sent by a friend on facebook and would infect his machine right away," the research notes.

The scareware programs will immediately start bombarding users with alerts about non-existent threats allegedly found on their computers in an attempt to trick them into paying for a license.

Private message spam is not uncommon on Facebook, but it seems the use of this technique has recently increased in association with malware distribution attacks.

Just a few days ago we reported on a new Koobface campaign spreading via similar messages and directing people to fake videos.

Users are advised to be extra careful when visiting links received on social networking sites, even when they appear to be sent by a friend. To protect themselves from clandestine attacks, a capable and updated antivirus program should run on their computers at all times.

If any website offers an executable file for download without the user specifically asking for it, it's most likely an attempt to infect them. Online scanning services like VirusTotal can be used to check suspicious files.
