Fact Check

FBI vs. Facebook Virus Lure

Information about the 'FBI vs. Facebook' virus lures.

Published Aug. 4, 2008

Claim:

Virus:   FBI vs. Facebook virus lure.


Status:   Real.

Example:   [Collected via e-mail, July 2008]







Origins:   The "FBI vs. Facebook" mailings are new lures for an existing virus (rather than a new form of virus), but since they've garnered so much attention, we've created this separate entry for them.

The mailings, which began in July 2008, typically arrive with a subject line of "F.B.I. vs. Facebook" and include the text "F.B.I. Facebook Records" with a link to what appears to be a news site. However, clicking through on the link will initiate the download of an malicious executable (fbi_facebook.exe) onto recipients' PCs, while something like the screen shot shown above displays to trick users into believing they're merely visiting an innocuous news site.

All of this camouflage is cover for propagation of the Storm worm, a virus which has been around for a few years and has been spread via many guises. Because this particular incarnation invokes the name and symbol of the Federal Bureau of Investigation (FBI), that agency has issued a press release to warn the public about the misleading messages:



FBI Warns of Storm Worm Virus

The FBI and its partner, the Internet Crime Complaint Center (IC3), have received reports of recent spam e-mails spreading the Storm Worm malicious software, known as malware. These e-mails, which contain the phrase "F.B.I. vs. facebook," direct e-mail recipients to click on a link to view an article about the FBI and

Facebook, a popular social networking website. The Storm Worm virus has also been spread in the past in e-mails advertising a holiday e-card link. Clicking on the link downloads malware onto the Internet connected device, causing it to become infected with the virus and part of the Storm Worm botnet.

A botnet is a collection of compromised computers under the remote command and control of a criminal "botherder." Most owners of the compromised computers are unsuspecting victims. They have unintentionally allowed unauthorized access and use of their computers as a vehicle to facilitate other crimes, such as identity theft, denial of service attacks, phishing, click fraud, and the mass distribution of spam and spyware. Because of their widely distributed capabilities, botnets are a growing threat to national security, the national information infrastructure, and the economy.

"The spammers spreading this virus are preying on Internet users and making their computers an unwitting part of criminal botnet activity. We urge citizens to help prevent the spread of botnets by becoming web-savvy. Following some simple computer security practices will reduce the risk that their computers will be compromised," said Special Agent Richard Kolko, Chief, FBI National Press Office.

Everyone should consider the following:


  • Do not respond to unsolicited (spam) e-mail.

  • Be skeptical of individuals representing themselves as officials soliciting personal information via e-mail.

  • Do not click on links contained within an unsolicited e-mail.

  • Be cautious of e-mail claiming to contain pictures in attached files, as the files may contain viruses. Only open attachments from known senders.

  • Validate the legitimacy of the organization by directly accessing the organization's website rather than following an alleged link to the site.

  • Do not provide personal or financial information to anyone who solicits information.




Last updated:   6 August 2008





  Sources Sources:

    Colker, David.   "Don't Open 'FBI vs. Facebook' E-Mail, Lest You Loose the Storm Worm."

    Los Angeles Times.   3 August 2008.

    Durkin, Mike.   "FBI vs Facebook Email Thread Has 'Storm Worm' Virus."

    FOXNews.com.   30 July 2008.


David Mikkelson founded the site now known as snopes.com back in 1994.