Security researchers are warning of an email scam that informs recipients that an old schoolfriend wants to add them as a friend on Facebook.

The message appears to come from a legitimate email address and is laid out to look like the format of Facebook's homepage.

Trend Micro explained that the cybercriminals had also taken steps to make the email seem genuine by linking to the Facebook website.

"All of the links found in the message body lead potential victims directly to the legitimate Facebook site, with the exception of the login button, which draws a blank page because of an intentionally incorrect URL format," said Rex Sumo, a fraud analyst at Trend Micro.

However, what the criminals behind the scam really want you to do is to open the file attached to the email, which a recipient may believe contains information as to the identity of the mysterious 'friend'.

Opening the attachment, however, initiates the download of a worm that will infect your PC.

This is not the only attack that has attempted to play on Facebook's popularity in recent weeks, Trend Micro said.

"Interestingly, two notable worms used Facebook a month ago in their propagation routines. The popularity of social-networking sites are clearly targeted for cybercriminals who are intent on infecting more users," said Sumo.

The company advised emailers not to download attachments on emails from unknown sources.

If you think you have been infected by the worm, run a full scan of your PC, though you may need to contact the firm that provides your internet security software for removal instructions.

www.trendmicro.com

Back to index