Here at SiliconANGLE, we always remind our readers to be vigilant when opening e-mails from unknown sources as it could often contain links to malware laced sites.  But what if you thought the source was from a trusted network, like Facebook?  You’d open that e-mail, click on the link that says one of your friends tagged or uploaded a photo you, ‘coz you didn’t think much of it.  You get redirected to an unknown site, then redirected to a legit Facebook page that has nothing to do with you or the said notification.  Still, you think nothing of it.  Then BAM!  You just got infected with malware.

So you ask, “Where the f@#% did that come from?”  Trace your steps, you might just opened an e-mail from @faceboook.com not @facebook.com.  See the difference?  There are three Os.

SophosLabs intercepted a spammed out e-mail campaign designed to infect computers with malware.  It sends out harless-looking e-mails like this one:

Looks legit, right?  But look closely, it’s from @faceboook, with three Os.  Clicking on “See Photo” or “Go to Notifications”, your browser is directed to a website hosting malicious iFrame script that takes advantage of the Blackhole exploit kit, putting your computer at risk for malware infection.

But before you can think too much about what’s happening, your browser is taken to Facebook, via a META redirect, but instead of the tagged photo or your friend’s page, you will see a Facebook page entirely unrelated to the notification you received.

SophosLabs is now adding detection of the malware known as Troj/JSRedir-HW so users can be warned if a threat is perceived.

Again, we cannot warn users enough, be careful when opening links even if you think an e-mail is from a trusted sender.  Before clicking on a link, just by hovering your cursor on the link, you can see the address of the link, so you’ll have an idea whether the link is legit or not.

Another thing is, if you receive e-mails saying you have Facebook notifications, just go to Facebook to check things out rather than using the link.  It may seem like a few more steps than just clicking on the link but your computer would thank you for it.