ActionFraud - National Fraud & Cyber Crime Reporting Centre - Call 0300 123 2040

Alert: Facebook “lol” inbox messages contain a virus

Fraudsters are sending out messages through Facebook with a malware infected attachment that could steal your account data and personal information.

Facebook Homepage

Malwarebytes have identified Trojan malware that is spreading through Facebook fast, here is how it is being spread:

  • A victim gets a Facebook instant message from a friend of theirs, which includes the words ‘lol’ and a file waiting to be downloaded.
  • The victim downloads the file because they can assume it can be trusted. The filename matches the usual filename of a photo: ‘IMG_xxxx’.zip.
  • Once downloaded, the victim unzips the file and clicks on what they assume is an image file, still called IMG_xxxx.jar
  • The JAR file executes, downloads malware and infects the system.
  • The infected users Facebook account is compromised and then used to send more malware to the victims friends.

The use of text “lol” is a clever hook to get you to download the infected zip file. The virus will only infect your computer if you download the attachment, and it cannot execute by just receiving the inbox message alone.

If you think your computer might have been infected, run a full antivirus scan to remove the malware, Malwarebytes website.

Please note that Action Fraud is not responsible for the content of external websites.

To report a fraud and receive a police crime reference number, call Action Fraud on 0300 123 2040 or use our How to remove a computer virus?
Microsoft Safety Scanner - clean and repair an infected PC
Microsoft free antivirus software

Most shared articles

Related articles