Malware tied to Blackhole disguised as Facebook photo tag alert

The security firm intercepted a spam email campaign designed to infect recipients’ computers with malware linked to the popular Blackhole exploit kit, warned Graham Cluley in a Naked Security blog post.

The photo tag alert looks legitimate, except for the “from” email address: it is from notification@faceboook.com with one too many “o”s, Cluley observed.

Victims who are fooled into clicking on the link are taken to a website hosting malicious iFrame script that takes advantage of the Blackhole exploit kit. However, within four seconds, the victim is redirected to a legitimate Facebook page of a “presumably entirely innocent individual”, he related.

Cluley advised readers to keep “your wits about you” when online. “Even if you didn't notice that ‘Faceboook’ was spelt incorrectly, you could have seen by hovering your mouse over the link that it wasn't going to take you directly to the genuine Facebook website. If you don't take the right steps to protect your computer, one day a cybercriminal might find the right social engineering trick to dupe you into making a bad decision or visit a dangerous website.”

 

What’s Hot on Infosecurity Magazine?