If you’ve received an email from Facebook telling you about a new photo you were tagged in, be extra careful. As first discovered by Sophos, a fake email that’s going around has been urging people to open the included attachment by claiming to contain a new photo you’ve just been tagged in on Facebook. It makes the proposition even more tempting by claiming the tagger has listed you as “close friend”.
The email comes complete with Facebook’s blue colors and familiar design, as you can see in the screenshot below from Sophos, so that despite the suspicious text, those who don’t bother to read it can easily be duped into clicking the attachment. The attachment itself has been identified as Troj/Agent-XNN, which disguises itself as a Sun Java updater, and runs every time you boot your PC.
The email reads:
One of your Friends has added a new photo of you to the album.
You are receiving this email because you’ve been listed as a close friend.
[View photo with you in the attachment]
While this email is easily identified as spam when you put your mind to it, we don’t always bother to do so when receiving emails from Facebook. It’s worth it, however, to pay close attention, and at least check who the email is really coming from. In this case, the From address is <firstname.lastname@example.org>. This can change from email to email, but looking at it closely, the address is obviously a fake.
Image credit: Trojan image via Shutterstock