Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
A new email threat has been identified that poses as being from Facebook.Security firm Red Condor identified the second email threat in as many days that claims to be from Facebook administrators. This includes a link to a spoofed Facebook login page, which prompts users to reveal personal information and then download a banking Trojan Downloader.After a user enters their credentials, they are prompted to download ‘updatetool.exe' which has been detected as a Zbot Trojan variant. The company claimed that the spoofed Facebook login page is fairly sophisticated and uses ‘www.facebook.com' in the sub-domain portion of the malicious URL.As a result, people with small screen resolution or small browser windows/address bars may think that they are on the Facebook login page. At the time Red Condor Spam Trigger detected the threat, only one-third of anti-virus engines had detected it.Dr. Tom Steding, chief executive officer of Red Condor, said: “Given the comfort level that millions of users have with Facebook, we want to make sure that everyone knows that there are multiple spoofed Facebook emails hitting inboxes, and that the blended threat email we are warning about is different than the one many media outlets have already reported.Facebook has become phenomenally popular, which makes it a prime target for spammers and cybercriminals. Unprotected email users need to be increasingly aware of the variety of threats that will come to their inboxes posing as legitimate messages. This blended email threat is an interesting twist that seems to have baffled a number of AV engines.”
Jamie Tomasello, Cloudmark's abuse operations manager, said: “The last three days have seen a sharp uptick in social engineering, as one or more of the malware distributors are, once again, playing on the popularity of Facebook to convince people to open their email.“Emails with the subject ‘Facebook Password Reset Confirmation' have been flooding inboxes over the last few days, enticing people to open a zip file which purportedly contains the user's new password.“I cannot stress enough – these emails are not coming from Facebook, and they do not mean that your Facebook account has been taken over, or that someone is trying to get your password. Facebook, unfortunately, is just another victim here; they can't stop bad guys from using their name to dangle as bait in front of you.”See original article on scmagazineus.com
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.