The From: address on the messages is spoofed using support(at)facebook.com to make the messages believable to recipients. The messages contain a .zip file attachment with an .exe file inside. The .exe file currently has a detection rate of about 30 percent on VirusTotal.
Yep, I just got what looks to be a fake ‘account confirmation’ asking me to confirm my account…from 2007!!
Add to that the fact that I have never registered for Facebook…
The thing that worries me is that it looks SO genuine…exactly the same as the invites I get from friends…someone else may not realise…
I think Bredolab botnet detection is added to the avast database, but this might be a different variant. Don’t you have gens for bots? Or under what group have you put bot gens?
There was no attachment on the email I received, just a ‘facebook’ style formatted email…that looks SO convincing…
The weird from address gave it away.
Do you still want the email?
I can forward it if you want… (if a picture is not enough…)
I think this is slightly different than the one reported here…
Also, one of the reasons I don’t have a Facebook, and probably won’t ever…
There was one of these sent to me this morning, and my ISP caught and quarantined it. They used to have separate quarantines for infected (or probably infected) stuff and for “ordinary” junk mail, but now they put everything in one pile.
In the case of a virus like the topic one, they remove the original content and replace it with info about the virus.
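The traits described at the top of this thread (a From: address claiming facebook.com and a .zip attachment with an .exe inside) can be checked at a mail gateway; the sketch below is an added example, not code from any poster, ISP or antivirus vendor. The Return-Path comparison is an assumed stand-in for real sender authentication (SPF/DKIM/DMARC) and is only a weak signal, and the sample message, its file names and the mailer.example domain are constructed.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.utils import parseaddr

# Assumption: extensions a gateway would treat as executable inside an archive.
RISKY_EXT = (".exe", ".scr", ".pif", ".com")

def domain(addr):
    """Lower-cased domain part of an address header ('' if absent)."""
    return parseaddr(addr or "")[1].rpartition("@")[2].lower()

def check_message(raw):
    """Return a list of findings for one raw RFC 5322 message (bytes)."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    from_dom, rp_dom = domain(msg["From"]), domain(msg["Return-Path"])
    if from_dom and rp_dom and from_dom != rp_dom:
        findings.append(f"From domain {from_dom} != envelope sender domain {rp_dom}")
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if not name.endswith(".zip"):
            continue
        try:
            with zipfile.ZipFile(io.BytesIO(part.get_payload(decode=True))) as zf:
                for member in zf.namelist():
                    if member.lower().endswith(RISKY_EXT):
                        findings.append(f"{name} contains executable {member}")
        except zipfile.BadZipFile:
            findings.append(f"{name} is not a readable zip")
    return findings

def build_sample():
    """Constructed sample: spoofed From plus a zip holding a dummy .exe."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Facebook_details.exe", b"MZ-not-a-real-binary")
    msg = EmailMessage()
    msg["Return-Path"] = "<bounce@mailer.example>"
    msg["From"] = "Facebook <support@facebook.com>"
    msg["To"] = "user@example.org"
    msg["Subject"] = "Account confirmation"
    msg.set_content("Please see the attached file.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="details.zip")
    return msg.as_bytes()

if __name__ == "__main__":
    for finding in check_message(build_sample()):
        print(finding)
```

A message with no attachment, like the one one poster describes, would only trip the sender check, which is why the two tests are reported separately.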