Recently, cybercriminals spamvertised yet another massive email campaign, impersonating the world’s most popular social network – Facebook.

It was similar to a previously profiled spam campaign imitating Facebook. However, in this case the cybercriminals behind it relied on attached malicious archives, compared to including exploits and malware serving links in the email.

More details:

Sample screenshot of the spamvertised email:

Detection rate for the malicious archive: MD5: 0938302fbf8f7db161e46c558660ae0b – detected by 34 out of 43 antivirus scanners as Trojan.Generic.KDV.753880; Trojan-Ransom.Win32.Gimemo.arsu. Upon execution, the sample opens a backdoor on the infected host, allowing the cybercriminals behind the campaign to gain full access to the affected host.

Webroot SecureAnywhere users are proactively protected from this threat.

If users feel they received a bogus email that may not be coming from Facebook, they can alert Facebook by forwarding the message to phish@fb.com. In addition, users can check to see if their account has been compromised by visiting www.facebook.com/hacked.

You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on  Twitter.

Blog Staff

About the Author

Blog Staff

The Webroot blog offers expert insights and analysis into the latest cybersecurity trends. Whether you’re a home or business user, we’re dedicated to giving you the awareness and knowledge needed to stay ahead of today’s cyber threats.

Share This