Be careful of trojan disguised as e-mail from Facebook
September 2, 2012 8
Email article | Print article 
You get an e-mail that looks like it is from Facebook. The e-mail says you have been tagged in a photo by a friend and the photo is attached to the e-mail. You open the attachment and BAM you are infected by a trojan known as Troj/Agent-XNN. Or at least that is the latest scare in the on going fight against malware.
Sophos Security, a British digital security firm, is reporting malicious e-mails are floating around that pose as Facebook. The e-mails have a subject of “Your friend added a new photo with you to the album” and say the following:
Greetings,
One of Your Friends added a new photo with you to the album.
You are receiving this email because you’ve been listed as a close friend.
[View photo with you in the attachment]
Attached to the e-mails is a ZIP file that contains the above-mentioned trojan. If you download and open the ZIP, you are infected. This trojan appears to only affect Windows machines and launches itself automatically on Windows boot, disguised as a Java updater (oh the timing).
Of course since this is a known trojan (and not a zero-day attack), any competent anti-virus should protect you against it even if you do accidentally download it. Still, the moral of the story is you shouldn’t open attachments in e-mails — or visit links in e-mails — when you aren’t sure who the e-mail is from. In this case the e-mail looks to be from Facebook but, really, if you stop and think to yourself “how many times does Facebook e-mail me an attachment” then you will realize how dumb of a move you were about to make.
About the author: Ashraf View all posts by Ashraf
Related »
![[Windows] Batch install software updates with OUTDATEfighter](http://cdn.dottech.org/media/2013/05/OUTDATEfighter-main-UI-134x90.png)
![What if babies could post on Facebook? [Image]](http://cdn.dottech.org/media/2013/05/toddler_facebook-134x90.jpg)
![[Android] Automatically upload photos to Facebook with FaceDropt](http://cdn.dottech.org/media/2013/05/FaceDropt-UI-134x90.jpg)
8 Comments »
Leave A Response »
I have humble and demure solution among others.
Be drastic, like me : “NO Facebook NO cry… ”
It appears to be impossible for you?
I assure you can survive without Facebook accompt.
Thinking people don’t use Face(less)book.com
Start thinking.
I bet dottech-ers have an unusually high percentage of NON-Facebook-ers…..We should do a survey…..
I have a Facebook account that I have used about thrice for signing up for some program or other. No friends, or whatever else you can do with it.
Nevertheless, I got that EMail. Though I was curious as to who might think they were a good friend, I didn’t have time or sufficient inclination to even open the EMail, so it hit the cosmic bit-bucket.
Thanks for showing me what fun I missed (though I also disable automatic updates for everything, including Flash, and suspect one of my several antivirus, and anti-autorun programs would have sanitized this bug before it ran.)
Add me to the list of non FB users! Thanks for the info though! I’ll share it with the people I know who do use it. I can’t imagine if someone does open that attachment, and an AV doesn’t catch it, what will they do when they can’t let their “friends” know that they’re taking a shower! O.o
@jipy: I attest to this. I don’t have a Facebook, aside from one for dotTech. It is possible.
@DoktorThomas: Facelessbook? Hmm?
@Janet: I haven’t looked into it but my guess is dotTechies of the older generation don’t have FB while younger generation do. We have a mix of them.
@AFPhys: You are welcome!
@Mary: You are welcome!
Non facebook user here. Even though I land in the generation with social media breaking out, I never got into the whole social media thing. I prefer to actually hang/meet with my friends in person.
Heck, I only text people if i know they cannot answer thier phone ( work, meetings, doctors appointment, etc.), and that is still rarely. I prefer to make a phone call instead.
@Bull:
I’m delightrd
@Bull:
Bull, delighted to hear there are young folks like you…:-)…!
Ashraf, I think there are an unusually large amount of YOUNG NON-Facebook dottechers on the basis of comments in various threads here in the past–that’s why I mentioned it…:-)…..