Facebook may have just won a theoretical war chest from a spammer, but it’s not put its house in order when it comes to scams. Indeed, I suspect they’re getting worse. Now you can get infected without even having to visit your Facebook account.
What happens is that, if you have set your profile to receive email updates when someone sends you a message on Facebook, these trojan scams actually make their way direct into your inbox. Facebook is just the vector:
Here’s a message, as it looks in Gmail:
Click on that link and it takes you, not to the Facebook message page, but straight to the dodgy website. In this case the website is still active. It will have a name like YuoTube:
and a YouTube-like interface:
The message in the ‘player’ says “Your version of Flash Player is out of date.” Without you doing anything, the download window will appear:
Of course, if you install that you’re in trouble. But are you in trouble if you’ve already visited the page? I’m still working on that.
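A mail filter can catch the pattern described above, a notification that claims to be from Facebook but links to a lookalike name such as YuoTube. The sketch below is an added example, not code from this post; the brand list, the function names and the `yuotube.example` placeholder host are assumptions made for illustration.

```python
import re
from urllib.parse import urlparse

# Brands to protect and their real domains (an assumed list for this example).
BRANDS = {"facebook": "facebook.com", "youtube": "youtube.com"}

def osa_distance(a, b):
    """Edit distance that counts an adjacent swap (yuo/you) as one edit."""
    d = [[max(i, j) if 0 in (i, j) else 0 for j in range(len(b) + 1)]
         for i in range(len(a) + 1)]
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = a[i - 1] != b[j - 1]
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[-1][-1]

def check_link(url, claimed_brand):
    """Findings for one link in a mail that claims to come from claimed_brand."""
    host = (urlparse(url).hostname or "").lower()
    real = BRANDS[claimed_brand]
    findings = []
    # The link should stay on the domain of the service that sent the mail.
    if host != real and not host.endswith("." + real):
        findings.append("off-brand host: " + host)
    # Any host label that is nearly, but not exactly, a brand name is a lookalike.
    for label in host.split("."):
        for brand in BRANDS:
            if label != brand and osa_distance(label, brand) <= 2:
                findings.append(f"lookalike: {label} ~ {brand}")
    return findings

def scan_mail(body, claimed_brand):
    """Map each flagged http(s) link in the mail body to its findings."""
    links = re.findall(r"https?://[^\s\"'<>]+", body)
    return {u: f for u in links if (f := check_link(u, claimed_brand))}

# Constructed sample: a notification-style mail; yuotube.example is a placeholder.
SAMPLE = """You have a new message on Facebook.
To read it, follow the link: http://www.yuotube.example/watch?v=1
Manage notifications: https://www.facebook.com/settings
"""

if __name__ == "__main__":
    for url, findings in scan_mail(SAMPLE, "facebook").items():
        print(url, findings)
```

The distance threshold of 2 suits brand names of this length; shorter names would need a tighter limit to avoid false positives.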
