There are spam emails going around right now that are attempting to trick Facebook users into clicking a link and then taking them to web pages that are filled with viruses. The emails claim that the user has been tagged in a photo and to click the link to see the photo, as normal. The email even looks like it’s legitimate but there are minuet mistakes such as the address field “From” is misspelled as “Faceboook.com”.
The clickable links take the user to web pages with malicious code and according to The Register the infamous Blackhole kit, which tries to gain control of users’ systems when visited is one of the viruses contained through these links. The websites attempt to exploit vulnerabilities through Adobe applications and Java engines to push malware onto the Windows PC.
After your browser takes you to the site that is infected, and that infects your PC, you are redircted to the legitimate Facebook website. According to security firm Sophos, this redirection is designed to minimise the possibility that victims will realise they’ve been attacked. More information on the attack and screen shots can be found Here.