About Me
Joris Evers
Joris is a former public relations professional and media spokesman at McAfee. He has closely followed the ...
Feeds & Podcasts
Consumer Blogs
- Consumer Threat Alerts (19)
- Consumer Threat Notices (1)
- Cyber Security Mom (182)
- Cyber Security Mum – Australia (22)
- Cyber Security Mum – India (43)
- Family Safety (64)
- Identity Theft (112)
- Mobile – Consumer (3)
- Robert Siciliano (130)
Meet the Bloggers
- Anindita Mishra
- Brenda Moretto
- Consumer Threat Alerts
- Cyber Mum Australia
- Dave Klenske
- David Marcus
- Editor
- Francie Coulter
- Gary Davis
- James Galpin
- Jan Volzke
- Jim Walter
- John Dasher
- Kim Eichorn
- Latha Ramasamy
- Lianne Caetano
- Madhurima Pawar
- Parry Aftab
- Paula Greve
- Raj Samani
- Rizwan Husain
- Robert Siciliano
- Rusty Carter
- Shane Keats
- Simon Hunt
- Tad Heppner
- Todd Gebhart
- Tracy Mooney
- Yan Liang
Archive
- February 2012 (18)
- January 2012 (47)
- 2011 (482)
- 2010 (431)
- 2009 (395)
- 2008 (294)
- 2007 (416)
- 2006 (169)
Tags
#SecChat $1 million guarantee 12 Scams of Christmas access to live fraud resolution agents Acquisition Alex Thurber Android antivirus Apple botnet Channel Partners cloud security Compliance Consumer counter identity theft credit card fraud and protection credit fraud alerts credit monitoring credit monitoring and resolution critical infrastructure Cyber Security Mom cyberbullying Cybercrime cybermom data breach data center data center security Data Protection Dave DeWalt DLP Email & Web Security embedded encryption Endpoint Protection enterprise facebook fake anti-virus software Family Safety Friday Security Highlights global threat intelligence google government Hacktivism how to talk to kids how to talk to teens identity fraud identity fraud scams identity protection identity protection $1 million guarantee identity protection fraud identity protection surveillance identity surveillance identity theft identity theft expert identity theft fraud identity theft protection identity theft protection product Identity thieves and cybercriminals intel iphone kids online behavior lost wallet protection malware McAfee McAfee Channel McAfee Family Protection McAfee Identity Protection McAfee Initiative to Fight Cybercrime McAfee Labs McAfee security products Mid-Market Mobile mobile malware mobile security monitor credit and personal information Network Security online personal data protection online safety Operation Aurora PCI personal identity theft fraud personal information loss personal information protection phishing privacy proactive identity protection proactive identity surveillance Public Sector restore credit and personal identity Risk and Compliance scam scams scareware security smartphones social media social networking social networks spam Stuxnet twitter vulnerability Web 2.0 work with victim restore identity
Cyberattack Via MSN References Facebook, Hi5
|
|
Cyberscammers are referring to popular social networking Web sites Facebook and Hi5 in an attempt to trick Spanish speaking computer users into clicking on a personalized malicious link sent via instant messages.
On Wednesday a friend in Ecuador sent me repeated messages via MSN Messenger. The messages asked: “Estas foto es tuyo?” with a link to a URL that resembled Facebook (but was misspelled) and a mention of Hi5 as well. (For non-Spanish speakers, the question translates to: “Is this photo yours?”)
The link included my personal e-mail address, which is also my MSN user name. I am paranoid, so I didn’t click on the link. However, I can understand that others might be duped by a message that comes from a friend, asks about a photo, includes a personalized link and references popular social networking sites.
I asked Craig Schmugar, a malware researcher at McAfee Labs, to check out the link. As I suspected, it goes straight to malware. The malicious program appears to spread itself via several instant message applications and turns an infected computer over to the attacker, Craig told me. I am not including the link in this blog posting because the Web site is live and the malware is still online.
Instead of going to a photo, the malicious link actually goes to an executable file (the malware.) If you run the file, it will pop up a message that says “Picture can not be displayed.” This may give you the false sense that nothing bad is happening on your PC, but you in fact just executed a malicious program. The attackers now have full control over your computer and it will join a network of commandeered PCs called a botnet.
The malware displays a fake alert while the nefarious software is installed.
The map below shows detections of the attack. McAfee Artemis Technology, our real time detection, blocks the attack. As you can see, the targets mostly appear in Central America, Latin America and Spain. No surprise, since the attack uses Spanish and refers to Hi5, which is popular in Spanish speaking countries.
Targets of IM attack mentioning Facebook and Hi5.
This is an old trick. Cyberscammers continuously look to build out their armies of commandeered computers by sending out malware. The attacks continue to get more cunning by personalizing them, just like in this example.
It has been a while since I’ve seen any of my friends get infected with malware and have their contact list spammed with malicious links. I hope it will be a while until it happens again.
As a general rule, don’t click on links that arrive via instant messages or e-mail, unless you have verified that your friend indeed intended to send you a trusted link. Also, make sure you run updated security software like McAfee Total Protection to shield against these type of attacks, just in case a cybercrook is successful in tricking you into clicking on a link.
|
|
Tags: Cybercrime, facebook, Family Safety, Hi5, malware
Comments (1)
Is very true, and we happened to see some friends send some link to see a photo or video, the worst thing you can do is click on that link.
Submit your own comments / message for this post