You open your inbox and found an email saying Facebook friend added a new photo of you. Well, if you get the one, do not open it and simply ignore it and check Facebook yourself. The email is actually a new scam in which spammers’ sends users an email saying that someone added a new photo of you to a Facebook album.
The attack was spotted first by Sophos (via The Next Web), detects the malware as Troj/Agent-XNN. The email, which claims to come from the social networking giant, includes a 61KB malware threat which copies itself to “C:\Documents and Settings\All Users\svchost.exe” and adds itself to your Windows registry, masquerading as a Sun Java updater.
The e-mail subject is typically something along the lines of “Your friend added a new photo with you to the album” (though cybercriminals can easily alter it) and appears to come from an e-mail like “firstname.lastname@example.org” (again, this can be changed). The attached file is named “New_Photo_With_You_on_Facebook_PHOTOID[random].zip” where “random” is a generated number.
The e-mail body says in simple words, but don’t believe else you will be the next victim of this scam:
One of Your Friends added a new photo with you to the album.
You are receiving this email because you’ve been listed as a close friend.
[View photo with you in the attachment]
Facebook, Inc. Attention: Department 415 P.O Box 10005 Palo Alto CA 94303