{"id":74604,"date":"2012-07-24T15:06:51","date_gmt":"2012-07-24T09:36:51","guid":{"rendered":"https:\/\/blogs.quickheal.com\/?p=74604"},"modified":"2023-10-12T12:54:22","modified_gmt":"2023-10-12T07:24:22","slug":"malware-attack-through-facebook-photo-tag-notification","status":"publish","type":"post","link":"https:\/\/www.quickheal.com\/blogs\/malware-attack-through-facebook-photo-tag-notification\/","title":{"rendered":"Malware attack through Facebook photo tag notification"},"content":{"rendered":"

This is a warning for Facebook users. A fraudulent email is circulating on the Internet claiming to be from Facebook and saying you’ve been tagged in a photo.\u00a0The email probably looks like this:<\/p>\n

\"\"<\/a><\/p>\n

On a closer look the email is from \u201cnotification @faceboook.com<\/em>\u201d and not from a \u201cFacebook.com<\/em>\u201d domain. This is a specially crafted email that is targeting innocent Facebook<\/a> users. Those who click on the link in the email get redirected to a bogus link that hosts malicious iframe scripts. These scripts take advantage of the\u00a0Blackhole<\/em> exploit kit and start infecting the system.<\/p>\n

This happens within a few seconds and then the browser gets redirected to the original Facebook website. So the user does not get a hint about any kind of suspicious or malicious activity. In our case, two malicious files got downloaded. These files belong to the Trojan. Redirector<\/strong> family. Malware that\u00a0belongs to this category has the following characteristics:<\/p>\n