Beware! Cybercriminals are using facebook to spread malwares!

According to a report Cybercriminals are using Facebook to spread harmful banking Trojans. They are using twitter too. A number of cases related to it have been found in Brazil. Cybercriminals are using social engineering techniques to trick the Brazilian Portuguese-speaking users. According to a Dec, attackers trick the users to download a Spy Banker Trojan.

Using social media platform attackers send a short URL that provides the vouchers, user coupons and Premium software downloads services. This is only a link for normal user but in actual the goal of the attackers behind it takes the victim to a server which is hosted on Google’s cloud server where Spy Banker is downloaded. Kaspersky Lab security researcher Fabio Assolini said,” The criminals are banking on the victim seeing the "facebook.com" link and trust it enough to click it”. He also told that the main purpose of cybercriminals behind these attacks is to use the Facebook platform to spread malware for the users. Because most of the users tends to trust on the link which look likes facebook.com.

Assolini said Attackers are doing this by creating fake accounts with fake or no pictures included. The user will get a malicious email which will ask him to download a file hosted on facebook, in the end. This is a very advance and clever social engineer attack.

Google Docs, Sugarsync and Dropbox are the other platforms used by the cybercriminals. Google also spotted the cybercriminals using these platforms. Assolini also told that the process of spreading the malware through facebook is newly added by attackers to their social engineering platforms list.

A researcher of Kaspersky Lab said that there was a malicious facebook link which had got more than 102,000 clicks between October 20 and November 30. Assolini recommends the users to be aware about the social engineering attacks. Users can also use robust antivirus solutions to get rid of this type of attacks. These antivirus solutions are necessary for the primary defenses. Users need to check every executable file using antivirus which they had to download from internet; even it comes from very trusted server like facebook.

Source: scmagazine.com