McAfee Labs

Spammed malware linked into your Facebook photo

By on Nov 27, 2010

This most recent attack arrives as an email containing a crafted malicious link. It is camouflaged as Facebook correspondence alerting the victim that a friend “commented on your photo”. Although new security procedures are being implemented to protect Facebook users, cybercriminals will continue to aggressively abuse this and other social networks.

The sender name is counterfeit and the sending address is NOT a Facebook address. Hovering the cursor over the fake Facebook link reveals that it redirects to a suspicious page, [***], followed by an encoded script that directs users to another malicious page: P[**]o[**]****izc.php.

Last week, Facebook announced their new Messaging system that will be launching in the next few months. Certainly it will give better control to users, and will possibly minimize some issues, but we at McAfee Labs expect spammers and cybercriminals to attempt abuse as well. I’m a firm believer the most powerful tool is still common sense alongside some best practices: be an informed, safe and protected user. Always keep your security software up to date!