A pair of new malware strains are making their way through the Facebook community this week, using different delivery methods but the same bait: follow these instructions or you won’t be able to see who posted on your wall.
As eSecurity Planet reports, these new security threats are capable of turning your PC or smartphone into convenient spam-distribution devices and stealing enough personal information to access victims’ online banking and other accounts.
Both scams, either delivered in an unsolicited email or instant message, threaten intended victims with the prospect of not being able to login or access their Facebook accounts.
Panda Security researchers identified the first new threat as Asprox.N, is a Trojan stashed away in an unsolicited email that advises users that their Facebook accounts are being used to send spam. When someone foolishly follows the hacker’s deceptive directions, which include clicking on a faux Word document supposedly containing a new password, the victim’s PC or mobile device is infected and becomes a vehicle for distributing spam.
The second threat, which is being spread across MSN and Yahoo instant messaging apps, displays a malicious link that, if clicked, infects users’ computers or mobile devices with the Lolbot.Q worm.
Once the worm has installed and victims attempt to log in to Facebook, a message pops up informing users that their account has been suspended and, in order to reactive their account, they must fill out a questionnaire offering a chance to win a new laptop or iPad.