One of our spam analysts who works out of our Dublin, Ireland office, Kai Yu, wrote this on our internal malware blog.  I am reposting it here because I think that it is an important topic for this past week.


Since March 17th, there has been a large spam attack with malware attachments targeting Facebook’s 400m userbase with the goal of gaining access to their passwords.

In the mail, users receive the notice “from” Facebook to click the attachment to get their new password, while, in the attachment, the program attempts steal their password.  It reminds me from about four months ago, there was a similar attack also with the password stealer virus.

image


Facebook is one of fastest growing targets for abuse and “phishing” in the past couple of years.  Because of the vast swath of users, it is ripe for social engineering threats.  The reason spammers attack it is because of brand recognition; you recognize (and love) Facebook and therefore you feel good when you see a message from them.  You click the attachment, not really thinking about it and before you know it, you’re infected with a piece of malware and flipped into a botnet.  These social engineering ploys are effective because they play on human emotion.