Cyber criminals fooling Facebook users with fake requests
By Joe Elvin
09/01/2011
Cyber-criminals are attempting to infect individuals with Trojans by sending them fake Facebook friend requests.
Thousands of emails have been distributed to inboxes, wherein senders pose as a legitimate friend request from the social media website.
However, instead of having a new online friend to talk with, all those who choose to accept the request will get is a link to a malicious domain that installs trojans onto their computer.
Many internet hackers are using techniques such as these to trick users into manually downloading viruses themselves. In order to protect themselves against such scams, internet users should invest in quality remote IT support software.
Explaining the scam in a blog for m86security.com, IT security expert Phil Hay said: "Clicking the link fetches a web page that contains two ways you can infect yourself. First, there is a link pretending to be an Adobe Flash update where you can download and install malware manually.
"Second, there is a hidden iframe that loads data from a remote server hosting the Blackhole Exploit Kit, which attempts to automatically exploit vulnerabilities on your system, notably Java."
Writing for theregister.co.uk, IT security journalist John Leyden points out the subtle differences between the legitimate and fake emails include the loss of any profile pictures or footer email addresses.
