Slashdot Mirror

← Back to Stories (view on slashdot.org)

Fake Facebook Emails Deliver Malware Masquerading As Audio Message

Posted by timothy on from the you've-got-voicemail dept.

An anonymous reader writes: A new spam campaign is targeting Facebook users. It uses the same approach as the recent one aimed at WhatsApp users, and Comodo researchers believe that the authors of both campaigns are likely the same. The fake emails are made to look like an official communication from the popular social network, and their goal is to make the victims believe they have received a voice message. The attachment that the recipients are urged to download and open contains a malicious executable — a variant of the Nivdort information-stealing Trojan.

8 of 47 comments (clear)

  1. I received the message by 110010001000 · · Score: 5, Funny

    I got that message. I figured what is the harm in opening an executable I received in an attachment. After all, this is 1992! Modern times!

  2. "Facebook users" by Anonymous Coward · · Score: 2, Insightful

    I have no sympathy for anyone who uses Facebook and gets pwn3d by this shit.

    1. Re:"Facebook users" by mccrew · · Score: 2

      I see that you have conveniently jumped straight to victim blaming rather than owning up to the bigger failing, which is why ordinary users should even have to worry about becoming owned by benign-looking attachments.

      Especially for tech creators like so many of us here, this seems applicable: "When you point a finger at someone else, remember that there are three other fingers pointing back at yourself."

      --
      Hey, Windows users, there is no such thing as "forward" slash, there is only slash and backslash.
    2. Re:"Facebook users" by bloodhawk · · Score: 2

      The reality is that with choice comes a certain amount of responsibility. a woman should be able to wear a skimpy outfit and walk down dark alley's at night safe, a rich person should be able to have hundred dollar bills hanging out his pocket without fear of being mugged. The reality is that if you want the freedom to do that it comes with certain risks that society (or computer programmers) can't fully mitigate without you giving up some freedoms.

  3. Ob by Hognoxious · · Score: 2

    How do real Facebook emails deliver it?

    --
    Confucius say, "Find worm in apple - bad. Find half a worm - worse."
  4. Image recognition by martinux · · Score: 2

    Much of the spam I see is Paypal and Facebook. Shouldn't spam filters be image matching logos or looking for company names in an email and verifying the email came from a domain associated with that company?

    1. Re:Image recognition by Krojack · · Score: 2

      I just checked paypal.com's SPF. They are set to SoftFail. I feel like they should have that set to HardFail. SPF isn't 100% perfect but it does help.

  5. did we suddenly go back in time? by bloodhawk · · Score: 2

    Sooo why is this an article here? seriously this has been a common attack method for over a decade.