Sophos warns of fake Facebook photo tagging notification email

Published Date
21 - Jul - 2012
| Last Updated
21 - Jul - 2012
 
Sophos warns of fake Facebook photo tagging notification email

Security experts Sophos have pointed out a new spam campaign that is aimed at Facebook users, designed to infect recipients' computers with malware.

The spam mail lures Facebook users by telling them they have been tagged in a photograph. On clicking the link, users are directed to a dubious photo. However, by then the web browser is taken to a malicious iFrame script that supposedly launches the exploit kit, known as Blackhole. The exploit then opens gates to your system for more malware attacks.

The spam mail, however, is quite tough to spot, as within four seconds, your browser starts loading a Facebook profile-like page. Users hardly get any time to figure out something has gone wrong, in the meanwhile.

"Even if you didn't notice that "Faceboook" was spelt incorrectly, you could have seen by hovering your mouse over the link that it wasn't going to take you directly to the genuine Facebook website," says Sophos.

"If you don't take the right steps to protect your computer, one day a cybercriminal might find the right social engineering trick to dupe you into making a bad decision or visit a dangerous website."