The emails are extremely dangerous because they have no malicious payload and thus will not trigger desktop AV. This single threat accounts for more than one in every 200 spam messages. It’s possible that computers were infected - if they were not protected by MailGuard IT security services.
You or someone at your business might have several copies of an email with variations of this subject line. As you can see from the screenshot the fake notification looks very authentic.
It preys on Facebook’s 800m+ users who receive daily notifications just like this and click on the links without thinking twice. Of course, this notification doesn't come from Facebook. Nevertheless, muscle memory could have you or your users clicking on the link before that's figured out.
Although the email does not contain a malicious payload (bypassing desktop AV), it does direct users to a site which downloads malware and plays havoc with their computers.
Please DON’T OPEN emails with subject line “Brooke Sheree added 4 photos of you on Facebook” (or similar). And whatever you do, DON’T CLICK any of the links contained in these messages. This will direct you to a site which infects your machine with malicious software.
This threat is known as a “drive-by”, and is typical of the new breed of cybercriminal attacks.
If you’d like to prevent your employees being vulnerable to these attacks in the future, we recommend recommend you implement cloud-based email security and web security from MailGuard.
You can trial MailGuard free for two weeks.