Analysis by: Chloe Ordonia

Cybercriminals are using fake Facebook friend requests to spread malware in this spam attack.�The message appears to have a 'Confirm Friend Request'�button embedded, that when clicked, leads to�a page that mimics Facebook's login page. The fake�Facebook�login page, however, notifies the user instead that their installed version of Macromedia Flash Player needs to be updated for them to continue. It then offers a link where the users can download and install the latest version, and if clicked, initiates a download of a file that is labeled as an update installer but is actually a malware. It is to note that while the spammed message�is tailored to resemble�Facebook, the pages it links to bears suspicious non-FacebookURLs. Users are reminded to exercise caution whenever adding friends in any social networking site. Taking the time to check website URLs also helps in avoiding malicious pages posing as legitimate websites.

 SPAM BLOCKING DATE / TIME: August 21, 2011 GMT-8
  • ENGINE:6.8
  • PATTERN:8338