Internet security firm Sophos warned of malware spread through emails that pose as messages from Facebook and tell recipients that the social network has received requests from them to cancel their accounts.
Sophos outlined the malware scam in a post on its Naked Security blog.
Potential victims receive emails, supposedly from Facebook, which read:
Hi [email address]
We are sending you this email to inform you that we have received an account cancellation request from you. Please follow the link below to confirm or cancel this request.
The Facebook Team
To confirm or cancel this request, follow the link below:
What makes this particular scam a little more dangerous than others is that the link goes to a Facebook.com address, which may encourage recipients to treat it as valid, although it actually takes them to a third-party application.
That app tries to hound recipients into installing an unknown Java applet, persisting even after the “no thanks” button is clicked. Those who continue receive a message that Adobe Flash must be updated.
Of course, rather than a Flash update, the download adds files to users’ WIN32 folders that enable remote spying and hacking.
Sophos said its security products detect the malware as Mal/SpyEye-B and Troj/Agent-WHZ and block access to the malware’s website.
As Sophos pointed out, this particular scam plays on the emotions of Facebook users who fear losing access to their accounts.
Readers: Have you received any emails similar to the one illustrated by Sophos?