Beware of ‘you’ve been tagged’ Facebook scam

19 Jul 2012282 Views

Internet users are being warned to beware of a new email scam doing the rounds whereby they receive an email telling them they’ve been tagged in a photo. Clicking on the link leads to a black hole exploit kit that puts malware onto users’ machines.

SophosLabs has intercepted a spammed-out email campaign, designed to infect recipients’ computers with malware.

The security software player is adding detection of the malware as Troj/JSRedir-HW.

“If you click on the link in the email, you are not taken immediately to the real Facebook website,” Sophos’ Graham Cluley explained.

Support Silicon Republic

“Instead, your browser is taken to a website hosting some malicious iFrame script,” he added.

“To act as a smokescreen, however, within four seconds your browser is taken via a META redirect to the Facebook page of a presumably entirely innocent individual.”

One of the ways of spotting the hoax emails is the misspelling of Facebook as “faceboook”, with three Os.

sophos

John Kennedy is an award-winning technology journalist who served as editor of Siliconrepublic.com for 17 years.

editorial@siliconrepublic.com