Beware: Trojan Disguised As A Facebook Email On The Loose [Updates]

facebook trojan   Beware: Trojan Disguised As A Facebook Email On The Loose [Updates]If you’ve received an email from Facebook telling you about a new photo you were tagged in, be extra careful. As first discovered by Sophos, a fake email that’s going around has been urging people to open the included attachment by claiming to contain a new photo you’ve just been tagged in on Facebook. It makes the proposition even more tempting by claiming the tagger has listed you as “close friend”.

The email comes complete with Facebook’s blue colors and familiar design, as you can see in the screenshot below from Sophos, so that despite the suspicious text, those who don’t bother to read it can easily be duped into clicking the attachment. The attachment itself has been identified as Troj/Agent-XNN, which disguises itself as a Sun Java updater, and runs every time you boot your PC.

The email reads:

Greetings,

One of your Friends has added a new photo of you to the album.

You are receiving this email because you’ve been listed as a close friend.

[View photo with you in the attachment]

facebook scam sophos   Beware: Trojan Disguised As A Facebook Email On The Loose [Updates]

While this email is easily identified as spam when you put your mind to it, we don’t always bother to do so when receiving emails from Facebook. It’s worth it, however, to pay close attention, and at least check who the email is really coming from. In this case, the From address is <notification+kjdm-dj-gud_@facebookmail.com>. This can change from email to email, but looking at it closely, the address is obviously a fake.

Source: Sophos

Image credit: Trojan image via Shutterstock

Check out more about:

The comments were closed because the article is more than 180 days old.

If you have any questions related to what's mentioned in the article or need help with any computer issue, ask it on MakeUseOf Answers—We and our community will be more than happy to help.

19 Comments -

Kundan Bhardwaj

Not again, some months if you remember there was a JavaScript trick for facebook in which if you clicked it all your friends were sent that url as you got it. In todays time we have to be careful over the internet, it is very dangerous out there.

April Eum

i assume this is why i have also spam comments and messages.

Edward

I cant beleive on it

Kaashif Haja

I hear from my friends that their accounts have been hacked.
Well, I have to careful then..

venkatp16

Thnx for this info…

Ruben Marrero

Thanks

jpgwapo

thanks for that info..

Quebec Twosix

The use of “Social engineering” to deliver a computer infection is not anything radically new, but it is fantastically effective. The best thing is that people will will click upon the link, and then openly refuse to accept their stupidity. For clicking on a link of an IM or E-Mail where someone you don’t know, and have never met, states that “they have a photo of you is stupid.”

Sadly we are now in the era of global social media, where people no longer count their friends upon their fingers, but in the 1,000’s because they are listed as such in the social application. The more friends means that you are more popular & afterall these are truly global friends.

Enter the point, where years ago following a fairly significant virus outbreak within a global company I publically lamblasted the head of security for clicking on a link of a message stating that “here is a new photo of your mother I have”, from a person who he had never met; nor would his mother. He clicked the link because it came from a trusted source.

A trusted source is the issue, because the offending message was delivered through the corporate portal and therefore should be considered trustworthy – point taken, hummm pause for thought.

Maybe it’s not a case of “stupidity”, but trust, and the less well informed will inevitably click on the link, and then be faced with a java update that will reboot the computer and install a virus.

Hopefully, the mail in question will arrive as spam, and will quickly be eradicated; but we all live in hope

Yaara Lancet

Thank you for this elaborate comment! I agree, the lines between someone we know and trust and someone we don’t know have become blurred, at least more so than they were a few years ago. I make a conscious effort to only add Facebook people I actually KNOW.

But yes, it’s surprising how quick people are to trust links because of their source. A while back my friend’s MSN account got hacked, and I kept receiving weird links from her. I never clicked them, but I do wonder how many of her friends did.

Randy Thiesen

Having a GOOD up to date antivirus or security suite definitely helps matters when it comes to staying safe on these sites.

Igor Rizvi?

Thanks for the usefull information!

Nikhil Pandey

You can also get spam mails from any email. its possible. i pranked my friend by sending a mail from antipiracy@fbi.gov which worked and there were no traces. See how to do Here
http://www.nikhil-pandey.com/2012/08/fake-mailer-mail-from-any-email-to-any.html

Yaara Lancet

Yes, it’s definitely possible. Looking at the “from” address is just one way to determine what’s spam or not. There are many other signs.

Nikhil Pandey

Using the method above, the from seems to be original. Its not possible to determine wether its spam or not.

Heidi Smith

Thanks, great work letting us know!

Teodoro Villamarzo

The more we know, and reminded of, the more we can practice safe internet browsing. Thanks, Yaara, for ths warning.

Shahzad Billimoria

cool beans

Kp Rao

thanks

Arup Ghosh

Facebook should take care for this kind of stuffs .