Application security, Malware, Phishing, Threat Management

Faux Facebook emails use password reset ploy


A widespread phishing campaign is making the rounds that claims to be from Facebook but is meant to infect victims' PCs, researchers said.

The fraudulent emails arrive with a note stating that the recipient's Facebook password was changed and they can find the new one in an attached ZIP file, said Dave Marcus, security research and communications manager at McAfee Avert Labs, in a blog post.

The malicious attachment actually contains an assortment of malware, depending on the message, including trojans and rogue anti-virus programs, he said. The scam is global in its reach and, as of Wednesday afternoon, the malware contained in the phishing run ranked as the sixth most prevalent global virus that McAfee was tracking.

It is possible that machines compromised with the Cutwail or Rustock botnets are delivering the spam messages, Marcus said.

Facebook Security, in a status update on its profile page, told users that the social networking site never would send a new password as part of an attachment.

"There's another spoofed email going around that claims to be from Facebook and asks you to open an attachment to receive a new password," read the update. "This email is fake. Delete if from your inbox, and warn your friends."

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.