Cybercriminals are spamming out phony Facebook notification emails claiming that a friend has added a new photo of you to their photo album, knowing that there’s a pretty good chance users will jump at the opportunity to see what photographic evidence their friends have of their everyday shenanigans.
At first glance, the emails look authentic; however, I have yet to come across a legitimate Facebook email that comes with an attachment in tow:
Subject: Your friend added a new photo with you to the album
One of Your Friends added a new photo with you to the album.
You are receiving this email because you’ve been listed as a close friend.
[View photo with you in the attachment]
Facebook, Inc. Attention: Department 415 P.O. Box 10005 Palo Alto, CA 94303
According to Sophos, the zip archive attached to the email (which is named New_Photo_With_You_on_Facebook_PHOTOID[random].zip) contains malware identified as Troj/Agent-XNN. Total shocker, right?
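A mail-filter check for the two signals described above (the reported attachment name, and a Facebook-branded message carrying any attachment at all) could look like this. It is an added example, not code from this post or from Sophos. It assumes the "[random]" part of the filename can be any characters, and the sender address and attachment bytes in the sample are constructed.

```python
import re
from email import message_from_string, policy
from email.message import EmailMessage

# Attachment name reported on this page. The format of "[random]" is not
# given, so any characters are accepted in that position (assumption).
LURE_NAME = re.compile(r"^New_Photo_With_You_on_Facebook_PHOTOID.*\.zip$", re.I)

def check_message(raw):
    """Return the reasons a raw RFC 5322 message resembles the fake notification."""
    msg = message_from_string(raw, policy=policy.default)
    body = msg.get_body(preferencelist=("plain",))
    text = " ".join([str(msg.get("From", "")), str(msg.get("Subject", "")),
                     body.get_content() if body else ""]).lower()
    branded = "facebook" in text  # message presents itself as Facebook mail
    reasons = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        if LURE_NAME.match(name):
            reasons.append("attachment name matches the reported lure: " + name)
        elif branded:
            # Heuristic from the post: real notifications do not carry attachments.
            reasons.append("Facebook-branded mail carries an attachment: " + name)
    return reasons

def build_sample(attachment_name=None):
    """Constructed test message modelled on the email text quoted on this page."""
    msg = EmailMessage()
    msg["From"] = "Facebook <notification@example.com>"  # constructed sender
    msg["To"] = "user@example.com"
    msg["Subject"] = "Your friend added a new photo with you to the album"
    msg.set_content("One of Your Friends added a new photo with you to the album.")
    if attachment_name:
        msg.add_attachment(b"placeholder bytes", maintype="application",
                           subtype="octet-stream", filename=attachment_name)
    return msg.as_string()

if __name__ == "__main__":
    for name in ("New_Photo_With_You_on_Facebook_PHOTOID12AB34.zip", "notes.pdf", None):
        print(name, "->", check_message(build_sample(name)))
```

The filename match only catches this one campaign; the attachment heuristic is the more durable rule, since it does not depend on the attacker keeping the same name.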
Truth be told, cybercriminals often use fake Facebook notification emails to spread malware. It was only a few weeks ago that Sophos warned of cybercrooks using fake Facebook photo tagging notifications with malicious links to spread malware, and before that the more standard “missed activity” notification emails were used.
What to Do with Fake Facebook Emails
Did you get a Facebook notification email that you suspect is a fake?
- Do not click on any embedded links.
- Do not download or open any attached files.
- Report the email to Facebook.
- Delete the email immediately.