Scammers Pose as Mark Zuckerberg in Spam Email to Hijack Facebook Accounts

Since going public, Facebook has had its share of problems and remains in an uphill battle to prove its market share value while retaining its vast user base. Continuous changes to its interface and privacy policy seem to veer it further away from its original model each and every day, making some question where Facebook's loyalty lie, with users or investors and advertisers. With so much unrest, is it plausible the CEO might send out a personal email to warn users they've breached the Terms of Service? What if the sender is none other than Mark Zuckerberg, Facebook's unorthodox and fearless leader? Probably not, but spammers are hoping not all PC users will agree, which is why they've chosen to spoof the young billionaire in a telling email spam campaign.

Spoofing recognizable parties or entities in email spam or malware communications to fool unsuspecting and trusting PC users is really nothing new and neither are the telltale signs or giveaways, such as the obvious misspelling of Mark's last name, 'Zurckerberg' instead of the correct Zuckerberg. Still, too many anxious and naïve PC users click much too fast, opening email spam communications and clicking on infectious links embedded throughout. In this particular instance, the bogus email message warns readers their accounts may be suspended lest they verify account information.

If lured, PC users will be shown a fake Facebook webpage and login screen. Entered credentials will be stolen and transported to a remote server and into the hands of a hacker, who may either sell the information on the black market or used it to hack into Facebook accounts and distribute malware. Victims, aka PC users, will then be transported to the Help page of Facebook's official website, never realizing they've been scam and their credentials stolen. As quiet as the data is stolen and a port opened to transport this stolen data, that some port could too allow download of more malware. In a blink of an eye, any one of the below tools can be secretly downloaded and installed:

• Fake antivirus Trojan carries out fake alerts, scans and reporting to scare victim into buying useless software.
• Fake ransomware carries out online kidnapping, locking screen and demanding ransom be paid for its release.
• Backdoor is used to give a hacker remote control of the infected system and can allow it be added to a botnet and used in a DNS strike.
• Keylogger is used to capture screen shots or keystrokes being entered into login screens and web based forms, especially those of a financial nature.
• Trojan downloader is used to open a port and intercept as well as install other malicious programs.
• Trojan hijacker can manipulate and negatively impact the browser, redirecting traffic to unwanted URLs, whether to encourage purchase of a rogue or fake antivirus, encourage click fraud or simply to let inside a barrage of annoying advertisements.

Not all malware triggers visual presentations making clear something is awry, although most all malware is stealth and can cripple weaker antivirus programs, keeping them from sounding alerts. Some malicious activity can not only threaten security of data and the victim's identity, but also can cause an undue system crash. The sooner the PC user investigates suspicious or poor system performance and reacts, the better chances of mitigating loss caused by malware. Removal of infections could be hampered by obfuscation tricks that blend or hide malware amongst system and applications files. Removal of the wrong file or a bad registry edit could corrupt the hard drive and keep Windows from booting. Therefore, we recommend professional aid of a formidable and trusted opponent, a stealth antimalware solution equipped with an anti-rootkit to unmask and remove all hidden malware and restore complete order.