The Open University
Safe Computing Bulletin

Fake 'Facebook' invitation contains malicious software

Category: [Software, Trojan] Medium: [Email; Facebook] Platform: [Windows]

Bulletin Issued: [09/24/2008 11:10 PM GDT]
Unique Bulletin ID: [DCLR-7JSTZN]

If you are a user of the Social Networking site 'Facebook' you need to be aware of an email scam that is doing the rounds; victims receive a convincing-looking e-mail that purports to be an invitation from Facebook to add a new friend. However, if the attached image file (not actually a picture but a 'Trojan Horse' infective agent pretending to be a picture file) is activated it compromises the computer and leaves a path for hackers to take over control of the PC without the knowledge of the user. The message also includes a login form to the real Facebook home page to increase the appearance of authenticity.

The malicious Spam email appears to the recipient to have come from the valid domain '' but this is a spoofed address and the email is actually from the hacker gang perpetrating the exploit.

A warning from the Internet Security firm 'Websense' is linked below with samples of the actual exploit as well as advice from Sophos on Facebook security settings for users.

Related Links

Washington Post:
SC Magazine:
Sophos Facebook advice:

Subscribe to our email Bulletins:

OU Security-related courses, Security Inspection Tools and other links

Network Security Course T828:
Information Security Course M811:

World Community Computing Grid:
(The WCG harnesses the spare computing power on computers worldwide to assist in humanitarian research projects)

RSS Feed

Disclaimer: This bulletin is provided without any warranty from us as a free service, and the Open University cannot be held liable for the content, software updates and advice provided on external sites or by external agencies. If you use MS Windows, you are strongly advised to 'Create a System Restore point' using [Programs][Accessories][System Tools][System Restore] before applying any patches or upgrades to your PC.

Unique Bulletin ID: DCLR-7JSTZN