Facebook hit by Phishing and Online Banking Trojan Combo

From: Help Net Security

Facebook users should be on the lookout for an email threat that is posing as a message from Facebook administrators. The message contains both a phishing scam and a notorious “banking Trojan” virus.

A link within the spam email takes users to a spoofed Facebook login page requesting the user’s Facebook account information. After entering their credentials, users are then prompted to download “updatetool.exe” which is a Zbot Trojan variant.



According to Red Condor’s security experts the spoofed Facebook login page uses www.facebook.com in the sub-domain portion of the malicious URL. As a result, people with small screen resolution or small browser windows/address bars size might think they are actually on Facebook’s login page.



The Trojan associated with this threat installs a sophisticated “banking Trojan” that is known to scour the infected hard-drive for personal banking information and various login credentials, as well as perform key logging and other nefarious activities.



Continue Reading



In related news, a Judge Awarded Facebook $711 Million in Damages in Spam Case

Related articles by Zemanta

• Facebookers Beware: E-Mail Contains Virus (abcnews.go.com)


• Facebook Fights App Spam, Gives Games Its Own Dashboard Link (techcrunch.com)


• New Twitter Phishing Scam Targets Users Through DMs (readwriteweb.com)


• Facebook Awarded $711 Million Judgment Against Spammer (paidcontent.org)


• Judge Awards Facebook $711 Million in Damages in Spam King Case (insidefacebook.com)