BANGALORE: Even the best of people are tizzy, finding ways to express their love in innovative ways, on February 14. This Valentines Day however, cyber criminals are making the most of online shopping and social networking trends. With many discounts available in online shopping websites, and social networking websites introducing contests and other attractions for the romantic day, experts have warned people to be aware of spam and cyber crime attacks.
Identifying one such alleged spam attack on popular social networking site, Trend Micro (India & SAARC) has warned internet users to be aware of what they click and what sites they visit to make the most of Valentines Day.
“It is typical for spammers to use prominent events, brands or enticing contests to cloak malicious schemes. The fact that the attack itself is focused on Chrome and Firefox may mean that cyber criminals are targeting extension-compatible browsers, as well as going after more popular browser choices. This is not the first attack of its kind, but considering this, the extension-capable browsers are coming to the forefront now,” said Suchita Vishnoi, Head - Marketing, Trend Micro (India & SAARC).
The discovery made by this company highlights that the attack leverages on Valentines Day.
As per their discovery, users are asked to post a Valentines theme into their Facebook profile from where they are redirected to another website which asks users to download the theme which is a fake website.
On installing the theme, cyber criminals can seek access to users’ personal information and data from their personal PC’s. This attack is only for users using Google Chrome and Mozilla Firefox for accessing Facebook.
“The said attack begins with a post on affected users wall inviting other users to install a Valentine’s theme on their Facebook profile. Once users click on this post, they are redirected to another page that urges them to install the said theme. Clicking the Install button on the page will prompt the download of the malicious file, FacebookChrome.crx which Trend Micro detects as TROJ_FOOKBACE.A.
"When executed, TROJ_FOOKBACE.A executes a script that is capable of displaying ads from certain websites. It also installs itself on the users’ browsers as an extension named Facebook Improvement|Facebook.com,” added Suchita.