Attacks that use the holidays as a social engineering lure are starting to pour in as the Christmas day draws near. We recently found a page on Facebook that offers a Christmas theme on one’s profile. The page leads to a malware that comes in the form of browser plugin.
Once users click the Like button, the page redirects them to a URL which allows victims to download and install a malicious plugin named Free Cheesecake Factory Coupons.
What the plugin does is that it floods affected users’ walls with the catchy status, Get Christmas Theme for FB on – – >>0< < – – free Christmas Theme for all FB users!!. Just Install this amazing new fb Christmas new look and change your profile looks show it to your friends…… [Name of tagged friends]
Note that the plugin only works for all browsers, which is detected as TROJ_REDIR.CU.
Users need to be extra vigilant this holiday season, since cybercriminals are surely to continue launching attacks that use the holiday season as a lure. For more information on how to keep themselves protected, we recommend users to check the following reports:
- Season’s Warnings: iPhone 4S Scam and Other Holiday Threats
- Beware of Holiday-Themed Multi-component Online Threats
- Season’s Warnings
As for the attack explained above, users are already protected through file detection and URL blocking done by the Trend Micro Smart Protection Network.