Facebook Malware again

Facebook malware spammers are back for a second round: same threat, same criminals, different scheme. Be on alert for email from “FaceBook”.

email subject list shows three posts from Facebook ... BEWARE

This new series began hitting just after midnight last night, and the messages have come in about one an hour. All are from different domains and IP blocks — but all carry the same message:

“Before you are able to use the new login system, you will be required to update your account. Click here to update your Facebook account.”

When you open the email it looks like a convincing FaceBook alert … but look carefully at three tell-tale characteristics:


#1 : hover over the “update” link, and
#3 : look in your status bar. Note this is NOT a Facebook domain
#2 : “dictionary” spamming technique uses any/all words attached to a particular domain to try and ‘find’ users.

Two of those tested were exactly the same except for different web site destinations — all of which immediately begin downloading malware to your Microsoft Windows, Unix or Linux computer. We have no idea what the malware does, but suspect it’s a zombie or keytracker to obtain passwords, etc.

First example:
Cybercrime phishing email sent by:
  * NetArt Piotr Nowak, Polska Poland
Spamvertised web site registered at:
  * Telefonica de Argentina, Buenos Aires, Argentina
Spamvertised malware web site: poresawt.eu
  * NetArt, Krakow, Poland

Second example:
Cybercrime phishing email sent by:
  * IUnet, Milano Italy
Spamvertised web site registered at:
  * NTT Plala Inc., Japan
Spamvertised malware web site hosted at:
  * Internet Cable Plus C. A., Barquisimeto Venezuela

In a second variant of the attack, the malware spam actually encourages you to download a new password in order to get into FaceBook. Here’s my email header clearly showing the malware file attached.


Understand that FaceBook will NEVER send email alerts like these. They will never send a patch file or password file. Always be alert to techniques such as these, which attempt to get you to download and install the malware files.

Protect yourself from invasion

DON'T CLICK
  • Read suspicious mail starting with who it’s to and who it’s from
  • Do not click any link until you’re sure where it goes
  • Do not click images – their links cannot easily be seen
  • Do not reply
  • Delete the email, or forward to spam authorities

Be sure to read this article about another sneaky ploy used by cyber criminals: Beware new Malware Scheme

Thanks for reading…

Fred Showker

You can also keep up with the efforts to curb spam and cybercrime by reading the news at Knujon and HostExploit.com. I encourage everyone to switch to SpamCop and take a stand against spam.

Comments

  • Dave Jevans | April 15, 2010 | 4:55 pm

    THANK YOU !!!

    This is such vital information for the masses — so many do not take part in the anti-spam, anti-phishing efforts of a few, so we cannot make headway against the scourge of cyber crime.

    Your work over the years has been a God-send to the community, thanks to Lynn and Fred!

    http://www.antiphishing.org/

  • uberVU - social comments | October 29, 2009 | 2:48 pm

    Social comments and analytics for this post… This post was mentioned on Twitter by Infomanager: Facebook Malware again … they’re back — cyber criminals want to use FaceBook to put malware on your Windows computer http://cg2e3.th8.us...
