Slashdot Mirror

← Back to Stories (view on slashdot.org)

Fake Facebook Emails Deliver Malware Masquerading As Audio Message

Posted by timothy on from the you've-got-voicemail dept.

An anonymous reader writes: A new spam campaign is targeting Facebook users. It uses the same approach as the recent one aimed at WhatsApp users, and Comodo researchers believe that the authors of both campaigns are likely the same. The fake emails are made to look like an official communication from the popular social network, and their goal is to make the victims believe they have received a voice message. The attachment that the recipients are urged to download and open contains a malicious executable — a variant of the Nivdort information-stealing Trojan.

21 of 47 comments (clear)

  1. I received the message by 110010001000 · · Score: 5, Funny

    I got that message. I figured what is the harm in opening an executable I received in an attachment. After all, this is 1992! Modern times!

    1. Re:I received the message by alphatel · · Score: 1

      I got that message. I figured what is the harm in opening an executable I received in an attachment. After all, this is 1992! Modern times!

      Evolution has selected Facebook users for extinction.

      --
      When the foot seeks the place of the head, the line is crossed. Know your place. Keep your place. Be a shoe.
  2. "Facebook users" by Anonymous Coward · · Score: 2, Insightful

    I have no sympathy for anyone who uses Facebook and gets pwn3d by this shit.

    1. Re:"Facebook users" by mccrew · · Score: 2

      I see that you have conveniently jumped straight to victim blaming rather than owning up to the bigger failing, which is why ordinary users should even have to worry about becoming owned by benign-looking attachments.

      Especially for tech creators like so many of us here, this seems applicable: "When you point a finger at someone else, remember that there are three other fingers pointing back at yourself."

      --
      Hey, Windows users, there is no such thing as "forward" slash, there is only slash and backslash.
    2. Re:"Facebook users" by bloodhawk · · Score: 2

      The reality is that with choice comes a certain amount of responsibility. a woman should be able to wear a skimpy outfit and walk down dark alley's at night safe, a rich person should be able to have hundred dollar bills hanging out his pocket without fear of being mugged. The reality is that if you want the freedom to do that it comes with certain risks that society (or computer programmers) can't fully mitigate without you giving up some freedoms.

  3. Ob by Hognoxious · · Score: 2

    How do real Facebook emails deliver it?

    --
    Confucius say, "Find worm in apple - bad. Find half a worm - worse."
  4. Image recognition by martinux · · Score: 2

    Much of the spam I see is Paypal and Facebook. Shouldn't spam filters be image matching logos or looking for company names in an email and verifying the email came from a domain associated with that company?

    1. Re:Image recognition by pr0fessor · · Score: 1

      from the microsoft account team outl.ook@outlook.com and a link to update my account information on some domain registered out of india that has been revoked... my spam filter caught it along with some similar ebay ones.

    2. Re:Image recognition by Krojack · · Score: 2

      I just checked paypal.com's SPF. They are set to SoftFail. I feel like they should have that set to HardFail. SPF isn't 100% perfect but it does help.

  5. Re:Interesting. by PPH · · Score: 1

    mobile app assigned a phone number to my tablet.

    Everything the phone company does involves phone numbers. Don't like it? Disable 3G/4G connectivity and live from WiFi AP to WiFi AP.

    --
    Have gnu, will travel.
  6. Re:Interesting. by laurencetux · · Score: 1

    you do know that there are in fact very nice tablets that

    DO NOT HAVE A PHONE RADIO AT ALL

  7. did we suddenly go back in time? by bloodhawk · · Score: 2

    Sooo why is this an article here? seriously this has been a common attack method for over a decade.

  8. Why are you still using Facebook? by Anonymous Coward · · Score: 1
    Literally nothing good comes from Facebook, why are you still using it?

    Oh, but how am I going to keep in touch with my 573,674 friends?

    LOL, you have FIVE friends, the rest are Facebook 'bots.

    I have Friends and Family I need to keep in touch with, they're important to me!

    If they're so goddamn important, why can't you pick up a phone once a week and, I dunno, actually TALK to them? Or how about something SO RADICAL as actually seeing people in person?

    I use this to represent my business

    LOL nobody cares, get a fuckign webpage like everyone else, loser, you just have NO FRIENDS and are lonely. Try OKCupid or something.

    You people are wasting time and energy and accomplishing NOTHING on Facebook. What was the last time you cleaned your house? Went to the gym? Out for a run, hell, even a WALK? You don't need to be glued to Facebook, the Internet, or your goddamn phone either. Go do something that actually matters and leave all that stupid shit behind somewhere. You might actually be healthier and happier in the long run.

    1. Re:Why are you still using Facebook? by malditaenvidia · · Score: 1

      Settle down, gramps. You forgot to take your medication again.

  9. Re:Interesting. by truck_soccer · · Score: 1

    The tablet doesn't have a sim card. or cell phone connectivity. Read the AC's post.

  10. Re:Interesting. by Krojack · · Score: 1

    Yet more and more phone calls can be placed via VoIP over wifi, which tablets can do.

  11. Re:Interesting. by sumdumass · · Score: 1

    No phone radio required. Their accounting and authentication system assigns a phone number in order to allow and control access on their network. A number will be assigned whether you have capabilities or not. Think of it as an access code even though it looks like a phone number.

  12. Re:Interesting. by sumdumass · · Score: 1

    Ignore this. I just noticed he was talking of the Facebook app not the tablet 3/4g access.

  13. Fake mails Deliver Microsoft Windows Malware .. by tetraverse · · Score: 1

    "A new spam campaign is targeting Facebook users"

    Shouldn't that be spam campaign is targeting Microsoft Windows?

  14. Re: What? by Anonymous Coward · · Score: 1

    There are more than 50 file extensions in Windows that will execute. It's hard to get all of them, and it sucks that Exchange doesn't block them out of the box. Our company email was shutdown for almost a week after Microsoft added the .MSI extension, and our users kept installing trojans. Microsoft didn't give any warning before adding that crappy feature. At the time, we used a project management system that used the extension .mis, so users didn't notice the difference.

  15. Re: What? by SpeZek · · Score: 1

    So use a whitelist, not a blacklist, for your blocking policies.

    Or do the other smart thing and don't allow regular users to have admin privileges.