WARNING: Malware Poses As Facebook Account-Cancellation Email

Internet security firm Sophos warned of malware disguised as an email from Facebook telling recipients the social network received requests from them to cancel their accounts.

Sophos outlined the malware scam in a post on its Naked Security blog.

Potential victims receive emails, supposedly from Facebook, which read:

Hi [email address]

We are sending you this email to inform you that we have received an account cancellation request from you. Please follow the link below to confirm or cancel this request.


The Facebook Team

To confirm or cancel this request, follow the link below:

Click here

What makes this particular scam a little more dangerous than others is that the link goes to a Facebook.com address, which may encourage recipients to treat it as valid, although it actually takes them to a third-party application.

That app tries to hound recipients into installing an unknown Java applet, persisting even after the “no thanks” button is clicked. Those who continue receive a message that Adobe Flash must be updated.

Of course, rather than a Flash update, files are added to users’ WIN32 folders, which enable remote spying and hacking.

Sophos said its security products detect the malware as Mal/SpyEye-B and Troj/Agent-WHZ and block access to its website.

As Sophos pointed out, this particular scam plays on the emotions of Facebook users who fear losing access to their accounts.

Readers: Have you received any emails similar to the one illustrated by Sophos?

Warning sign image courtesy of Shutterstock. Screen shots courtesy of Sophos.

Related Stories
Mediabistro Course

Content Marketing 101

Content Marketing 101Get hands-on content marketing training in our brand new boot camp, Content Marketing 101! Starting September 8, digital marketing and content experts will teach you the tips and tricks for creating, distributing and measuring the success of your brand's content. Sign up before August 15 and get $50 OFF registration. Register now!