ALERT: Malicious 'Account Cancellation' Request strikes Facebook

By: DiversityHuman in Technology

Malicious attack in Facebook - bogus 'Account Cancellation' Request

facebook-malware-email.jpgHave you received an email asking you to confirm that you wish to cancel your account? Be on your guard.

Above are the first few lines in the article published by Sophos, a developer and vendor of security software and hardware, including anti-virus, anti-spyware, anti-spam, network access control, encryption software and data loss prevention for desktops, servers, email systems and other network gateways.

The article describes how your system can be infected by this malicous program. According to the malware analyses, the email message contains the following:

This is the text that will appear in the email body:

Hi {email address}

We are sending you this email to inform you that we have received an account cancellation request from you. Please follow the link below to confirm or cancel this request

Thanks, The Facebook Team

To confirm or cancel this request, follow the link below: click here

In the email message it clearly stated, "to confirm or cancel this request". In other words, it desperately invites the user to click the link because most likely you don't like to cancel your account.

When you click on the link, it doesn't point to an official Facebook page, but a third-party application running on the Facebook platform.

The first thing you're likely to encounter if you did click on the link is a message asking you if you want to allow an unknown Java applet to run on your computer.

And it seems they're pretty insistent that you allow it. If you hit the "No thanks" button they'll just carry on pestering you to allow the Java applet to run.

facebook-malware-insist.jpg

The hope of the cybercriminals is that victims will blindly agree to whatever the computer tells them to do, in order to "fix" the account cancellation request.

If you do allow the applet to run, you will see a message telling you that Adobe Flash must be updated.
facebook-malware-email-plugin.jpg

Of course, the code that is downloaded is not really Adobe Flash at all. Instead, the program drops additional files into your /WIN32 folder, which have the intention of allowing remote hackers to spy on your activities and take control of your computer.

How to protect yourself against the hazard of this security intrusion?

Don't click on the link to avoid issues on your system and facebook account. Just delete the message if you receive this malicious email.

Is this a planned attack? It's too much of a coincidence that it hit when Mark Zuckerberg and Priscilla Chan got married.


DiversityHuman

Author

DiversityHuman

Posted by DiversityHuman.com on 23 May 2012



Enter your email address:

Enter a valid email and receive notifications of our new posts! We won't spam you. Promise!


COPYRIGHT DISCLAIMER: Should you, or your organization, possess the copyright to any images attached on our main entries and you are able to prove such claim, please contact the webmaster at your earliest convenience. Use of these materials (images,embedded videos, etc.) are not intended as a copyright infringement on any of the artist or any other entity's copyrighted material.



Technology


Thank you for the visit!

DiversityHuman.com - It's all about us. It's all about you!