Facebook ‘Tagged Photo Virus’ Spreading through Email

Users of the social network are at risk from a new virus causing stirs on Facebook, is spread through emails.

The emails, posing as photo alerts from the social network, look exactly like Facebook’s messages sent to a user’s personal email accounts when they are tagged in a photo. Photo: Francesco Strazzante/Flickr

However, instead of the links redirecting a user to the referenced photo, the victim is leaded to a site which infects the person’s computer with malicious software, and a few seconds later the link will redirect the user one more time to Facebook.com.

According to The Telegraph, the victims don’t realize that their PCs have been infected – but can spot the bogus emails as Facebook is misspelt as ‘Faceboook’.

“Be wary of emails claiming to be from Facebook, and saying that you have been tagged in a photograph,” warned Graham Cluley of the British internet security firm Sophos.

“SophosLabs has intercepted a spammed-out email campaign, designed to infect recipients’ computers with malware. If you click on the link in the email, you are not taken immediately to the real Facebook website,” he continued.

“Instead, your browser is taken to a website hosting some malicious iFrame script (which takes advantage of the Blackhole exploit kit, and puts your computer at risk of infection by malware).

He added: “Even if you didn’t notice that ‘Faceboook’ was spelt incorrectly, you could have seen by hovering your mouse over the link that it wasn’t going to take you directly to the genuine Facebook website.”

By the way, it’s not the first time hackers use the social networking giant to infect users’ computers. Last fall, another Facebook virus showed hardcore porn and violent pictures.

As BBC reported, the hardcore images had shown up in users’ newsfeeds. ZDnet, the technology site, explained that the material was being spread via a “linkspam virus” which tempts members to click on a seemingly innocuous story link.

At that time Sophos said the images had “flooded” the social network over 24 hours or even more.

The company’s senior technology consultant, Graham Cluely, revealed that it was not clear how the content was being spread, but predicted that the site would face long term consequences.

“It’s precisely this kind of problem which is likely to drive people away from the site,” he said. “Facebook needs to get a handle on this problem quickly, and prevent it from happening on such a scale again.”

The situation was getting worse and dozens of users had taken to Twitter to voiced up their unwillingness to head back to the website for fear of being flooded with the offending content.

“What is all the crap on Facebook now?” wrote Twitter users @_Ms_Ash. “I can’t even go on there without seeing porn or gory violence. Its disgusting.”

“Yep looks to me like facebook has been hacked on some level,” twitted user @SMASHGORDON_FTW. “[M]Y entire news feed is filled with violence and porn.”

“Protecting the people who use Facebook from spam and malicious content is a top priority for us and we are always working to improve our systems to isolate and remove material that violates our terms,” the company said in a statement.

“We have recently experienced an increase in reports and we are investigating and addressing the issue,” the social networking giant added.

Facebook had later found out that the virus was caused by a “coordinated spam attack.” The company it had “put in place backend measures to reduce the rate of these attacks and will continue to iterate on our defenses to find new ways to protect people.”

Share this article

We welcome comments that advance the story directly or with relevant tangential information. We try to block comments that use offensive language, all capital letters or appear to be spam, and we review comments frequently to ensure they meet our standards. If you see a comment that you believe is irrelevant or inappropriate, you can flag it to our editors by using the report abuse links. Views expressed in the comments do not represent those of Coinspeaker Ltd.