Facebook, the biggest social media portal is under attack. According to Panda Labs a mass of emails have been sent to Facebook users pretending to be from Facebook team to update “User Agreement”. 16,000 such emails have been detected since yesterday says Panda labs.
Email message with subject “ UPDATED ACCOUNT AGREEMENT” comes with an attachment “AGREEMENT.ZIP” which contains “AGREEMENT.exe”. Users are required to download and install the application in order to update their user agreement.
Actual Email:
Dear Facebook user,
Due to Facebook policy changes, all Facebook users must submit a new, updated account agreement, regardless of their original account start date. Accounts that do not sumit the updated account agreement by the deadline will have restricted access to Facebook.
Please unzip the attached file and run “agreement.exe” by double-clicking it.
Thanks,
The Facebook Team
Just like other typical such emails, users are asked to activate agreement before a specific date to avoid restriction of their Facebook account. Details about what to do are included in the email.
Once “AGREEMENT.exe” is double clicked, it will install a fake anti-virus tool on your computer. What happens typically (after such program is installed on your computer) is, users get false malware/spyware alarms, computer restarts and sometime blue screen (Screen of death).
Even though this is an old method but chances are majority of Facebook users will fell for this.
Facebook users DO NOT download the attachment and run it because it obviously isn’t from Facebook team. If they ever need to contact they certainly won’t ask you to download anything (Specially .exe file).
Share with others if you care