Origins: The "FBI vs. Facebook" mailings are new lures for an existing virus (rather than a new form of virus), but since they've garnered so much attention, we've created this separate entry for them.
The mailings, which began in July 2008, typically arrive with a subject line of "F.B.I. vs. Facebook" and include the text "F.B.I. Facebook Records" with a link to what appears to be a news site. However, clicking through on the link will initiate the download of a malicious executable (fbi_facebook.exe) onto recipients' PCs, while something like the screen shot shown above displays to trick users into believing they're merely visiting an innocuous news site.
All of this camouflage is cover for propagation of the Storm worm, a virus which has been around for a few years and has been spread via many guises. Because this particular incarnation invokes the name and symbol of the Federal Bureau of Investigation (FBI), that agency has issued a press release to warn the public about the misleading messages:
FBI Warns of Storm Worm Virus
The FBI and its partner, the Internet Crime Complaint Center (IC3), have received reports of recent spam e-mails spreading the Storm Worm malicious software, known as malware. These e-mails, which contain the phrase "F.B.I. vs. facebook," direct e-mail recipients to click on a link to view an article about the FBI and Facebook, a popular social networking website. The Storm Worm virus has also been spread in the past in e-mails advertising a holiday e-card link. Clicking on the link downloads malware onto the Internet connected device, causing it to become infected with the virus and part of the Storm Worm botnet.
A botnet is a collection of compromised computers under the remote command and control of a criminal "botherder." Most owners of the compromised computers are unsuspecting victims. They have unintentionally allowed unauthorized access and use of their computers as a vehicle to facilitate other crimes, such as identity theft, denial of service attacks, phishing, click fraud, and the mass distribution of spam and spyware. Because of their widely distributed capabilities, botnets are a growing threat to national security, the national information infrastructure, and the economy.
"The spammers spreading this virus are preying on Internet users and making their computers an unwitting part of criminal botnet activity. We urge citizens to help prevent the spread of botnets by becoming web-savvy. Following some simple computer security practices will reduce the risk that their computers will be compromised," said Special Agent Richard Kolko, Chief, FBI National Press Office.
Everyone should consider the following:
Do not respond to unsolicited (spam) e-mail.
Be skeptical of individuals representing themselves as officials soliciting personal information via e-mail.
Do not click on links contained within an unsolicited e-mail.
Be cautious of e-mail claiming to contain pictures in attached files, as the files may contain viruses. Only open attachments from known senders.
Validate the legitimacy of the organization by directly accessing the organization's website rather than following an alleged link to the site.
Do not provide personal or financial information to anyone who solicits information.
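The lure described in this article has three checkable traits: the subject line, the "F.B.I. Facebook Records" body text, and the fbi_facebook.exe download. The following mail-filter check is an added example, not code from the FBI or from this site; the function name, the extension list, and the sample messages (with example.invalid placeholder hosts) are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from html.parser import HTMLParser
from urllib.parse import urlparse

# Indicators quoted in the article; punctuation is optional so "FBI vs Facebook" also matches.
SUBJECT_RE = re.compile(r"f\W*b\W*i\W*vs\W*facebook", re.I)
BODY_RE = re.compile(r"f\W*b\W*i\W*facebook\s+records", re.I)
PAYLOAD_NAME = "fbi_facebook.exe"
EXEC_EXT = (".exe", ".scr", ".pif")  # assumption: extensions treated as executable

class LinkCollector(HTMLParser):
    """Collects href targets of <a> tags in an HTML body."""
    def __init__(self):
        super().__init__()
        self.hrefs = set()

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs.update(v for k, v in attrs if k == "href" and v)

def lure_indicators(raw):
    """Return the sorted indicator names found in one RFC 822 message string."""
    msg = message_from_string(raw)
    hits = set()
    if SUBJECT_RE.search(msg.get("Subject", "")):
        hits.add("subject")
    links = LinkCollector()
    for part in msg.walk():
        if part.get_content_maintype() != "text":
            continue
        body = part.get_payload(decode=True) or b""
        text = body.decode(part.get_content_charset() or "utf-8", "replace")
        if BODY_RE.search(text):
            hits.add("body")
        links.feed(text)  # HTML anchors
        links.hrefs.update(re.findall(r"https?://[^\s\"'<>]+", text))  # bare URLs
    for href in links.hrefs:
        path = urlparse(href).path.lower()
        if path.rsplit("/", 1)[-1] == PAYLOAD_NAME:
            hits.add("payload-name")
        elif path.endswith(EXEC_EXT):
            hits.add("executable-link")
    return sorted(hits)

# Constructed sample messages (not captured e-mails).
LURE = ("From: news@example.invalid\nSubject: F.B.I. vs. Facebook\n"
        "Content-Type: text/html; charset=utf-8\n\n<p>F.B.I. Facebook Records</p>\n"
        '<a href="http://news.example.invalid/fbi_facebook.exe">Read the article</a>\n')
BENIGN = "Subject: Lunch on Friday?\n\nMenu: http://cafe.example.invalid/menu.html\n"
```

A message that matches on the subject alone is weaker evidence than one that also links to an executable, so a filter would normally quarantine only when two or more indicators are present.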
Last updated: 6 August 2008
David Mikkelson founded snopes.com in 1994, and under his guidance the company has pioneered a number of revolutionary technologies, including the iPhone, the light bulb, beer pong, and a vaccine for a disease that has not yet been discovered. He is currently seeking political asylum in the Duchy of Grand Fenwick.