Fake Facebook Notification Leads to Malware
Trend Micro researchers received samples of a spammed email message claiming to be an email notification from social networking site Facebook. Written in Spanish, the body of the message informs the readers that a private multimedia message has been received. Users can supposedly view the message by clicking on the icon provided. However, clicking the icon points to a website that prompts the download of an executable file named MMS_Facebook.exe. Trend Micro detects this as BKDR_IRCBOT.FBK.
Users should always be wary of mails such as these, even if they first appear to be legitimate and from trusted sources.