WARNING: Emails Promoting ‘Business’ Flash Player Lead To Facebook Malware

Attention, Google Chrome users: There is no such thing as a “business” Flash player, and downloading any browser extensions billed as such will bring some serious malware with it.

Bitdefender Senior E-Threat Analyst Bogdan Botezatu told PCWorld about the threat, saying that it is being spread through spam emails that direct users to the Chrome Web Store to download business Flash player browser extensions.

Botezatu told PCWorld that once the bogus software is installed, it monitors users’ browser activity and strikes when those users land on pages that they are logged into via Facebook.

In those cases, Botezatu told PCWorld, the malware fetches pieces of JavaScript code that tell it what it can do with users’ Facebook accounts, and it leads to accounts being used to spam friends, post malicious links on news feed and timeline, and automatically like pages without consent.

Another potential risk pointed out by Botezatu to PCWorld: The malware can be used to steal Facebook cookies and gain control of users’ accounts from other computers. He told the magazine:

They can run as many campaigns as they want. All they have to do is fetch a new script. That’s how you can lose your account.

Botezatu told PCWorld antivirus software is likely useless against this type of threat, unless it includes Web filters, adding:

This kind of threat can persist in a browser for quite a long time.

Readers: Have you seen any emails attempting to coerce you into downloading a business Flash player?

Image courtesy of Shutterstock.

Related Stories
Mediabistro Course

Content Marketing 101

Content Marketing 101Almost 60% of businesses use some form of content marketing. Starting December 8, get hands-on content marketing training in our online boot camp! Through an interactive series of webcasts, content and marketing experts will teach you how to create, distribute, and measure the success of your brand's content. Register now!