Internet users are being warned to beware of a new email scam doing the rounds whereby they receive an email telling them they’ve been tagged in a photo. Clicking on the link leads to a black hole exploit kit that puts malware onto users’ machines.
SophosLabs has intercepted a spammed-out email campaign, designed to infect recipients’ computers with malware.
The security software player is adding detection of the malware as Troj/JSRedir-HW.
“If you click on the link in the email, you are not taken immediately to the real Facebook website,” Sophos’ Graham Cluley explained.
“Instead, your browser is taken to a website hosting some malicious iFrame script,” he added.
“To act as a smokescreen, however, within four seconds your browser is taken via a META redirect to the Facebook page of a presumably entirely innocent individual.”
One of the ways of spotting the hoax emails is the misspelling of Facebook as “faceboook”, with three Os.