Offensive Facebook email leads to Blackhole malware attack

Filed Under: Facebook, Featured, Malware, Spam, Vulnerability

Facebook users are warned to be on their guard against unsolicited emails they might receive suggesting that someone has left an offensive comment about them on their wall.

Malicious email

Hi,

[REDACTED] commented on your Wall post.

[REDACTED] wrote: "you piece of shit!!!"

See the comment thread

Reply to this email to comment on this post.

Thanks,
The Facebook Team

Of course, if you were alert you would hopefully notice that whoever sent out the emails has done a pretty poor job at disguising the message as though it were really from Facebook - take a look at that From: address for instance,

comments@faceb00k.com

But there is always the danger that some computer users will be tricked into clicking on the link.

And if you do make the mistake of clicking to find out more you will not be taken to the real Facebook site, but instead your browser will visit a website hosting a malicious iFrame script detected by Sophos as Mal/Iframe-W. Within seconds, your computer will find itself put at risk of malware infection via the notorious Blackhole exploit kit.

You may not notice, however, as the cybercriminals have redirected your web browser to a Facebook page which acts as a smokescreen to the attack.

Innocent Facebook page

There is no suggestion that the owner of this Facebook page is in anyway related to the malware attack.

Please remember to always be on your guard. You would have been protected from this threat if you had kept your wits about you.

Even if you didn't notice that "Faceb00k" was spelt incorrectly, you could have seen by hovering your mouse over the link that it wasn't going to take you directly to the genuine Facebook website.

Obviously, it's also very important to run up-to-date anti-virus software and keep your computers patched against the latest vulnerabilities.

If you don't take the right steps to protect your computer, one day a cybercriminal might find the right social engineering trick to dupe you into making a bad decision or visit a dangerous website.

, , , , ,

You might like

One Response to Offensive Facebook email leads to Blackhole malware attack

  1. Eddie · 735 days ago

    Mouse hover over link isn't perfect proof either. I have rec'd emails which showed plausible links thus; but NOT elsewhere, thank God!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.