Some days I feel like I’m walking through a minefield.
No sooner had I posted a blog piece about WordPress comment spam today (see Caution: WordPress Comments), I noticed an email message from someone who had commented on my Facebook wall.
It was a weird comment, which should have warned me. After the fact, I also saw the tell-tale row of multiple O’s in the sender’s address, from comments@faceboook.com
But at the time, I was seduced into logging on to my Facebook account then clicking the link with a message from “Amanda Phillips” in my email program. At a quick glance it looked like any of the legitimate Facebook notifications I receive every day. (Without the swearing of course. In fact that was part of what intrigued me: Why was someone so mad at us?)
Curiosity almost killed the cat. I was immediately blasted by my Avast anti-virus/anti-malware protection which announced it had blocked an executable Trojan horse, a split second after clicking the link and a hair before it initiated.
Close, very close.
[BTW If you don’t have an anti-virus program, I urge you to stop now and download Avast here. http://www.avast.com/en-ca/index You will be very glad you did. Avast is also available for the Mac at http://www.avast.com/free-antivirus-mac As the market share for Mac grows, viruses are an increasing threat for people on Macs.]
What does a Trojan horse do? A Trojan horse is a program that gives a hacker power over your computer. It can provide the attacker with unauthorized remote access to a your files, infect your files and damage the system, carry additional dangerous parasites, and steal sensitive information. Trojans delivered to your computer through email can be are set in action when you click an infected link, play an infected video or click on an infected image. Without protection, they can wipe out your harddrive and all your programs and files.
More information about Trojan Horses can be found at Wikipedia
Read more about Facebook scams and spams at http://www.theregister.co.uk/2012/05/06/social_network_spam/
If you fall for one of these notifications like I did, I hope you have as excellent malware protection in place as I did.
