Media releases are provided as is by companies and have not been edited or checked for accuracy. Any queries should be directed to the company itself.

Symantec Threat Bulletin: New wave of phishing and malware attacks prey on social networking sites

Symantec has detected a new wave of phishing and malware attacks preying on social networking sites.
  • 05 November, 2009 15:28

<p>Symantec Threat Bulletin: New wave of phishing and malware attacks prey on social networking sites</p>
<p>Symantec’s Security Response Team has detected a new wave of phishing and malware attacks preying on social networking sites MySpace and Facebook users. Symantec believes that social networking sites with large numbers of users are currently being targeted to infect the maximum number machines or gather passwords for more malicious activities in the future. Symantec has discovered that the recently reported malicious spam campaign against Facebook is now being accompanied by a phishing attack.These fake phishing messages look like official Facebook emails, advising members of a new login system and asking them to update their account details. Users that click on the ‘update’ button are redirected to a look-alike Facebook phishing site, where they are asked to enter a password to complete the update procedure. Unfortunately this allows cybercriminals unlawful access to the password and login details and ultimately, access to the account.</p>
<p>These attacks can be identified by the following email subject lines:</p>
<p>Facebook account update</p>
<p>New login system</p>
<p>Facebook Update tool</p>
<p>Additionally, the Symantec Security Response Team has also detected a new wave of malware attacks on MySpace, which come as an email with an attachment. This attack also asks users to change their passwords, with the aim of gathering password details.</p>
<p>Email subject lines for these attacks include:</p>
<p>Myspace Password Reset Confirmation</p>
<p>Myspace office on fire</p>
<p>Myspace was ruined</p>
<p>Symantec encourages users to be extremely wary of any requests for personal information or suspicious attachments, especially those including a ‘password reset’ request. Legitimate websites will not request a password be reset by sending an attachment. Users should also be cautious when clicking on URLs without proper verification. To be safe and avoid a malware attack, URLs should be typed directly into the web browser. Finally, consumers should keep their security software up-to-date to prevent falling victim to these type of scams.</p>
<p>Please let me know if you would like to speak with a Symantec security expert about these attacks and what users can do to prevent themselves from falling victim to such scams.</p>
<p>Media Contact:</p>
<p>Jasmin Athwal</p>
<p>Max Australia</p>
<p>+61 2 9954 3492</p>
<p>Jasmin.Athwal@maxaustralia.com.au</p>

Most Popular

Editor's Recommendations

Solution Centres

Events

View all events Submit your own security event

Latest Videos

More videos

Blog Posts

Media Release

More media release