Monday, August 27, 2012

Facebook friends' names spoofed as spam sender fields, gives links to infected sites, maybe dangerous stuff


Recently, I’ve received spam with names of Facebook friends spoofed into the sender field.

All of the emails give a link to a site, with may be something like “Kliewer customs” or something that looks more legitimate, like “downtown Denver News”.  Some of them give a site based on the name of a person plus a two letter number.  And some emails point to a Flickr album of a person.

I looked up one of the person’s names on Firefox and found sales links for old cars (OK) and, oddly, chemical and biological weapons.  Rather scary stuff. 

I presume that the sites linked in the emails (I even open them on a separate computer that I don’t use for critical stuff) are hacked or infected. 

It would be possible for someone to download child pornography accidentally this way, which could result in a legal liability. 

I don't know if there was a security breach at Facebook that allowed a script to be written to do this en masse. 

No comments: