Offensive Facebook email leads to Blackhole malware attack

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

Facebook users are warned to be on their guard against unsolicited emails they might receive suggesting that someone has left an offensive comment about them on their wall.

Malicious email

Hi,

[REDACTED] commented on your Wall post.

Sign up to our free newsletter.
Security news, advice, and tips.

[REDACTED] wrote: "you piece of shit!!!"

See the comment thread

Reply to this email to comment on this post.

Thanks,
The Facebook Team

Of course, if you were alert you would hopefully notice that whoever sent out the emails has done a pretty poor job at disguising the message as though it were really from Facebook – take a look at that From: address for instance,

[email protected]

But there is always the danger that some computer users will be tricked into clicking on the link.

And if you do make the mistake of clicking to find out more you will not be taken to the real Facebook site, but instead your browser will visit a website hosting a malicious iFrame script detected by Sophos as Mal/Iframe-W. Within seconds, your computer will find itself put at risk of malware infection via the notorious Blackhole exploit kit.

You may not notice, however, as the cybercriminals have redirected your web browser to a Facebook page which acts as a smokescreen to the attack.

Innocent Facebook page

There is no suggestion that the owner of this Facebook page is in anyway related to the malware attack.

Please remember to always be on your guard. You would have been protected from this threat if you had kept your wits about you.

Even if you didn’t notice that “Faceb00k” was spelt incorrectly, you could have seen by hovering your mouse over the link that it wasn’t going to take you directly to the genuine Facebook website.

Obviously, it’s also very important to run up-to-date anti-virus software and keep your computers patched against the latest vulnerabilities.

If you don’t take the right steps to protect your computer, one day a cybercriminal might find the right social engineering trick to dupe you into making a bad decision or visit a dangerous website.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.