Blog
Ranjeet Menon

Malware attack through Facebook photo tag notification

July 24, 2012
29
Estimated reading time: 1 minute

This is a warning for Facebook users. A fraudulent email is circulating on the Internet claiming to be from Facebook and saying you’ve been tagged in a photo. The email probably looks like this:

On a closer look the email is from “notification @faceboook.com” and not from a “Facebook.com” domain. This is a specially crafted email that is targeting innocent Facebook users. Those who click on the link in the email get redirected to a bogus link that hosts malicious iframe scripts. These scripts take advantage of the Blackhole exploit kit and start infecting the system.

This happens within a few seconds and then the browser gets redirected to the original Facebook website. So the user does not get a hint about any kind of suspicious or malicious activity. In our case, two malicious files got downloaded. These files belong to the Trojan.Redirector family. Malware that belongs to this category has the following characteristics:

  • Stays resident in the background
  • Changes browser settings
  • Shows commercial adverts
  • Connects itself to the Internet

Kindly do pay attention while clicking on any link in the email. If you come across such emails do not click on any link present inside. Instead, delete the email and keep your Quick Heal antivirus updated.

 

Have something to add to this story? Share it in the comments.

29 Comments

Your email address will not be published.

CAPTCHA Image

  1. Linda MartinJuly 24, 2012 at 5:25 PM

    Thank you for this information !!

    Reply
  2. Thank You for getting us updated about these attacks

    Reply
  3. Indra Bdr.Thapa MagarJuly 24, 2012 at 7:24 PM

    Very very Thank you for this inform us about malware attack through Facebook photo tag notification.

    Reply
  4. thanks for great info

    Reply
  5. Excellent article! Btw this virus is not new. I had received one such mail on yahoo couple of years back.

    Reply
  6. Syed Ismail ShahJuly 24, 2012 at 7:48 PM

    Loads of thanks for this info… 🙂

    Reply
  7. Thanks a lott 4 dis information…

    Reply
  8. satishu rawatJuly 24, 2012 at 8:39 PM

    thnxxx for informing this attack

    Reply
  9. mangesh jadhavJuly 24, 2012 at 8:57 PM

    thank you so much ravindra sir,,,,,,,,,,,thanxx for such important information

    Reply
  10. Nice….Information Thanks Dude

    Reply
  11. Abinash SharmaJuly 24, 2012 at 11:41 PM

    Thanks For the Imp information.

    Reply
  12. Munshi AzharJuly 25, 2012 at 5:33 AM

    Thanx for the alerting information

    Reply
  13. derese admasuJuly 25, 2012 at 6:37 AM

    Thanks for this alert information. I would like to ask
    your good office why not quick heal antivirus is not give
    information/ report about the action taken on my computer
    ,like the type and number of viruses killed.
    Thank you in advance for your immediate reply.
    If not me & the friends of mine will be forced to change
    our antivirus.
    from IIT-ROORKEE, INDIA

    Reply
    • Hi,
      You can view the detailed report of Quick Heal’s activity by opening the Reports menu in the main dashboard. When Quick Heal detects a threat and removes it, a small bubble is displayed in the lower right corner of the screen. This bubble is only visible for a short period of time so that it does not intrude on the user’s activity.
      Thanks.

      Reply
  14. Divyakant ShahJuly 25, 2012 at 9:43 AM

    Thank You for causing us updated about these attacks

    Reply
  15. @Divyakant, @Munshi, @Abinash, @Pratik, @Mangesh, @Satishu, @Rahul, @Syed, @Sherry, @Abhishek, @Indra, @Hitesh, @Linda: Thank you all for your appreciation. We shall continue to detect such threats and provide you with security protection.

    Reply
    • derese admasuSeptember 8, 2012 at 7:49 AM

      Thank you for your immediate reply once again. Please tell me the main features in which Quick Heal anti virus is better than others in the market. This is because me and the friends of mine here in IIT-Roorkee who are using the Quick Heal are suffering the attack of our computers with Malwer virus and others which make the speed of our PC’s too slow. Please can you advice something to alleviate such problems immediately.
      Wish you all the best.
      Derese

      Reply
  16. very useful information! thanks for your timely update!

    Reply
  17. PP GhoshalJuly 25, 2012 at 11:05 AM

    Thank you very much for this information.

    Reply
  18. Rakesh kumarJuly 25, 2012 at 5:25 PM

    Thanks for your guidance about the security on social networks.

    Regards

    Rakesh

    Reply
  19. viplove sainiJuly 25, 2012 at 7:10 PM

    very useful information! thanks for your timely update!

    Reply
  20. Thanks quickheal for keeping updated

    Reply
  21. Thanks for the information..

    Quickheal Does not support Windows 8!

    When quickheal 2013 will released?

    Reply
  22. @Sachin, @PP Ghoshal, @Rakesh, @Viplove, @Akshay: Thanks for reading. Please visit our blog regularly for more security updates.

    Reply
  23. in my mail account all days come mail like this (notification+kr4m2eqsyeyx@facebookmail.com). is this fack or virus.

    and this is virus how can i protect my identity and pc from this types of mail i have all ready quick heal total security user..

    Reply
    • Hi Darpan,
      These are fake emails and you should delete them right away if they happen to reach your inbox. Just be alert and keep your system and antivirus updated and you will be fine.
      Regards.

      Reply
  24. Swapnil ThakareJuly 16, 2016 at 4:50 PM

    anti virus quick hill is the best virus

    Reply