Though it’s not unusual to receive an email notification from Facebook telling you someone has tagged you in a photo, the next time you do, BEWARE! Endpoint security company SOPHOS, has identified a new strain of malware (Troj/Agent-XNN) floating around Facebook suggesting that members “view photos as an attachment.”

If you click on the infected link, which is disguised as a Facebook notification email – a ZIP file containing malware allows hackers to control your Windows computer. Facebook email notifications usually tell you which friend tagged you in a photo. This malware tells you “one of your friends added a new photo with you in the album.” The photo above shows you what the message looks like.

Subject: Your friend added a new photo with you to the album

Attached file: New_Photo_With_You_on_Facebook_PHOTOID[random].zip

Message body:


One of Your Friends added a new photo with you to the album.

You are receiving this email because you’ve been listed as a close friend.

[View photo with you in the attachment]

Occasionally these scams appear and many of us are anxious to see how we look in the photos people post and tag us in. It’s always best to really read the message before clicking and beware of attachments you receive people you don’t know.