Offensive Facebook email leads to Blackhole malware attack

by Graham Cluley on October 24, 2012 | 1 Comment

Filed Under: Facebook, Featured, Malware, Spam, Vulnerability

Facebook users are warned to be on their guard against unsolicited emails they might receive suggesting that someone has left an offensive comment about them on their wall.

Malicious email

Hi,

[REDACTED] commented on your Wall post.

[REDACTED] wrote: "you piece of shit!!!"

See the comment thread

Reply to this email to comment on this post.

Thanks,
The Facebook Team

Of course, if you were alert you would hopefully notice that whoever sent out the emails has done a pretty poor job at disguising the message as though it were really from Facebook - take a look at that From: address for instance,

comments@faceb00k.com

But there is always the danger that some computer users will be tricked into clicking on the link.

And if you do make the mistake of clicking to find out more you will not be taken to the real Facebook site, but instead your browser will visit a website hosting a malicious iFrame script detected by Sophos as Mal/Iframe-W. Within seconds, your computer will find itself put at risk of malware infection via the notorious Blackhole exploit kit.

You may not notice, however, as the cybercriminals have redirected your web browser to a Facebook page which acts as a smokescreen to the attack.

Innocent Facebook page

There is no suggestion that the owner of this Facebook page is in anyway related to the malware attack.

Please remember to always be on your guard. You would have been protected from this threat if you had kept your wits about you.

Even if you didn't notice that "Faceb00k" was spelt incorrectly, you could have seen by hovering your mouse over the link that it wasn't going to take you directly to the genuine Facebook website.

Obviously, it's also very important to run up-to-date anti-virus software and keep your computers patched against the latest vulnerabilities.

If you don't take the right steps to protect your computer, one day a cybercriminal might find the right social engineering trick to dupe you into making a bad decision or visit a dangerous website.

Tags: , , , , ,

One Response to Offensive Facebook email leads to Blackhole malware attack

  1. Eddie says:
    October 25, 2012 at 4:05 pm

    Mouse hover over link isn't perfect proof either. I have rec'd emails which showed plausible links thus; but NOT elsewhere, thank God!

    Reply Report comment

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <pre> <q cite=""> <strike> <strong>

About the author

Graham Cluley has worked in the computer security industry for more than 20 years, developing anti-virus software and doing quite a lot of talking about internet threats. He's won awards for his blogging, but is proudest of the text adventure games he wrote when he was still wearing short trousers. You can learn more about those (the games, not the trousers) at grahamcluley.com. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.