Tech Daily
News | Analysis | Comment | Features | Reviews

Second phishing attack targets Facebook users

Scam email is particularly convincing, warns security expert

David Neal, V3.co.uk 29 Oct 2009

Facebook users are facing yet another malware attack this week, after security experts warned of a new phishing scam with a nasty payload.

Email hosting provider AppRiver said that the Zbot, or Zeus, botnet is delivering 30,000 messages a minute, and warned users to take extra care with unsolicited emails.

"We have already seen about 1.65 million messages from this campaign. As we've come to expect from Zbot, the phishing email is well crafted and could easily trick the unsuspecting recipient into falling for its ruse," Fred Touchette, a senior security analyst at AppRiver, said in a blog post.

"The graphics are well done and all look like something you would see from Facebook. The email informs users that Facebook is updating their log-in system to 'make things more secure', and urges people to click on the update button in the email.

"This should be enough anyone needs to see, considering that Facebook, your bank or anyone else, doesn't need every one of their users' participation in order to update their product."

Clicking on the link leads to a genuine-looking Facebook login screen that asks for the user's password. Another screen then asks them to download an update tool, which is actually the Zeus Trojan that typically targets bank accounts.

"Stay away from these emails. Zeus or Zbot spares no effort in making their attacks appear to be genuine. It is very important to protect yourself by being vigilant," said Touchette.

"If you don't personally know the sender, I would avoid clicking any links in emails, especially when the term 'your account' appears anywhere in the email."

This is the second phishing attack on Facebook users in as many days, following the discovery yesterday of a widespread attempt to trick users into giving away password and login details.

Twitter
Cyber squatters drive false Twitter-Google rumours
Micro-blogging site accused of favouring Google  20 Oct 2009
Internet
Web giants fight for an open internet
Twitter, Facebook and Google gear up for US net neutrality battle  19 Oct 2009

All Enterprise Security Technology
Tags: Facebook, Threats, Social-networking, Spam, Phishing, Security

Like this story? Spread the news by clicking below:

Post this to Delicious del.icio.us    Post this to Digg Digg this    Post this to reddit reddit!

R E L A T E D   C O N T E N T

© Incisive Media Ltd. 2009
Incisive Media Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, is a company registered in the United Kingdom with company registration number 04038503