Just this afternoon I received a message from my cousin. It was a seemingly innocent message with the pretext “Hello! I got you surprise” along with a link to an external address, “aaesydobigeuqi-blogspot-com”. Out of curiosity, I followed the link and exercised caution when opening the subsequent pages.
After a few seconds, the link redirected to a certain domain, “surprise-msqo-tk”. It was surprising enough, as that web page mimicked the appearance of the official Facebook website, although it's obvious that none of the other links are clickable except the big “Gift” image.
I downloaded the file, named “surprise.exe”. It was an executable file with a size of 682 kilobytes, and after the download I checked it in my folder. An untrained eye will assume it is a photograph because it has the attribute and icon of an image file.
I ran a virus check, and after a few seconds it showed the file to have encrypted code, and it was flagged as Win32:Trojan-gen. I immediately deleted the file and wrote a quick article about it.
If you encounter this kind of message in your inbox and you are not sure about the link, even if it came from a trusted friend, think twice about opening it. It would be better to ask the sender what the link is all about. If it's safe, then open it. Chances are that your friend's or relative's Facebook profile, or the computer itself, was infected by this malicious software. Tell your Facebook pals about this emerging threat so they know what to do in case they face this kind of situation.