1. Welcome Guest! In order to create a new topic or reply to an existing one, you must register first. It is easy and free. Click here to sign up now!.
    Dismiss Notice

Rogue Facebook Private Messages Lead To Scareware

Discussion in 'Security Updates' started by starbuck, Jan 18, 2011.

  1. starbuck

    starbuck Rest In Peace Pete Administrator

    Joined:
    Sep 26, 2009
    Messages:
    3,830
    Location:
    Midlands, UK
    Operating System:
    Windows 10
    CPU:
    AMD Athlon II x2 250 Processor 3.00GHz
    Memory:
    8gb DDR3
    Hard Drive:
    500gb SATA
    Graphics Card:
    ASUS GeForce GTX 960 2gb
    Power Supply:
    650w PowerCool X-Viper
    [​IMG] Security researchers from CA warn of a scareware distribution campaign which spams Facebook users with malicious links via private messages.

    The rogue messages read "I got you a surprise" and contain a link which takes users to a website hosted at blogspot.com.

    The landing page is designed to look exactly like a Facebook one, down to the advertisements on the right sidebar.

    This is meant to trick users into believing they are still on the social networking site.

    The page shows a gift image with an associated message that reads "Hey buddy! If you're here, then someone of your friends had made up a surprise for you!"

    Clicking anywhere inside the page prompts users to download a file called surprise.exe, which according to Akhil Menon, a CA security researcher, is a Trojan downloader which further installs scareware on the infected machine.

    "An unaware user inquisitively would download and run the file thinking that it is really being sent by a friend on facebook and would infect his machine right away," the research notes.

    The scareware programs will immediately start bombarding users with alerts about non-existent threats allegedly found on their computers in an attempt to trick them into paying for a license.

    Private message spam is not uncommon on Facebook, but it seems the use of this technique recently increased in association with malware distribution attacks.

    Just a few days ago we reported about a new Koobface campaign spreading via similar messages and directing people to fake videos.

    Users are advised to be extra careful when visiting links received on social networking sites, even when they appear to be sent by a friend. To protect themselves from clandestine attacks, a capable and updated antivirus program should run on their computers at all times.

    If any website offers an executable file for download without the user particularly asking for it, it's most likely an attempt to infect them. Online scanning services like Virus Total can be used to check suspicious files.



    Source:
    http:/ ews.softpedia.com ews/Rogue-Facebook-Private-Messages-Lead-to-Scareware-179022.shtml
     
    starbuck, Jan 18, 2011
    #1

Share This Page