News Articles

Facebook phishing attacks could install malicious software on unsuspecting machines

Computer security experts are warning that a new wave of malicious spam is making the rounds, attempting to trick users into revealing their user information for popular online social network Facebook.

Prospective victims receive an email purporting to be from the Facebook team, asking them to enter their login and password information to download a “security update tool” which is actually the Zeus Trojan in disguise. Not only do online criminals end up with ill-gotten Facebook passwords, they successfully add another victim to the list of computers infected with their malicious software.

The campaign began late last month, with the University of Alabama's spam lab receiving hundreds of copies of the faked message. Gary Warner, that institution's director of computer forensics, writes on his blog that “only 8 of 41 [anti-virus programs] are currently labeling this executable as malware.”

Malware purveyors have expanded along with the number of possible venues for spreading infection. All of the major social networks, Twitter, and numerous other Web 2.0 applications have been targeted by cyber criminals.