Facebook Password Reset Scam Threatens Computers Worldwide
Wednesday, March 17th, 2010 at 6:16 pm by Consumer Threat Alerts
The Hook: Scammers send emails that appear to be from Facebook, telling recipients that their Facebook password has been reset and they need to click on an attachment to retrieve it.
The Method: The attachment is a password stealer that installs when the user clicks on it.
The Danger: Once installed, the password stealer can potentially access any username and password combination utilized on that computer, not just for the user’s Facebook account.
This threat is potentially very dangerous considering that there are over 400 million Facebook users who could fall for this scam. This is also the sixth most prevalent piece of malware targeting consumers in the last 24 hours, as tracked by McAfee Labs.
Bottom Line: Facebook would never send an email alerting a user that it has changed his or her password. Another clue that a user has received a spam email is the use of poor grammar and awkward phrases, such as the greeting “Dear user of facebook” in the example below. Please note that McAfee customers with current subscriptions are protected from this type of malware.
Here is an email example of the Facebook Password Reset Scam to watch out for:
Here is the latest global intelligence map that details where the scam is targeting Facebook users:

Tips to Avoid Becoming a Facebook Scam Victim:
Tip 1: Do not open the attachment. Promptly delete the Facebook scam email.
Tip 2: Consumers can protect their computer from this type of cybercrime by installing a complete security software suite that includes anti-virus, anti-spyware, and firewall protection.
Tip 3: Consumers should make sure they are running the most up-to-date security software and their subscription is active.
Tip 4: If consumers are unsure if their security software vendor has an update for this type of malware, McAfee recommends that they check for and install any available updates, then immediately run a full scan.
It would be useful if the story mentioned what platforms are targeted by this “password stealer.” That’s pretty vague. Does it affect any computer? Just Windows users? Or what?
Fantastic Post…..
Thanks for sharing…
I have a question about the Facebook scam- I did receive that message- but how do you know if your computer has a virus now?? I didn’t change password- but did back out of it after the fact- so now I’m worried.
facebook scam
Does the malware run on Macintosh computers?
Would it run on a Mac running a Windows emulator?
If McAfee is so worried about this trojan, why is it that it completely ignores such attachments in my mailbox?
I have McAfee security, but when I received this email I opened it (I know, I know . . . stupid me) and got a pop-up from McAfee telling me what this was. I immediately closed and deleted. How can I know if my computer is infected?
Is it better to run the Windows Firewall or the Norton Firewall???
When I turned the Norton Firewall off I get a message that the Norton Firewall has been turned off and it shows that I am at risk, the same happens when I turn the Windows Firewall,
What should I do???
Thank you for your cooperation regarding this matter.
Remi Bouffard
Yes it happened to me- I am going to follow the suggestions above and make sure my security is up to date. I have to say this is the second thing that has invaded my personal email security whilst using Facebook and it does put me off the site a lot. None of this really happened whilst using MySpace- their security seemed to be tighter. What can Facebook do to better protect its consumers?
Any ideas???
Thanks for this quick info… I was sent this message but I downloaded the attached document but I’ve not yet opened it. Immediately I saw an alert about this threat… thanks for this quick response. I’ve spread the word around fellow Facebook users. Hope I’m not late with such details and pray that they apply caution on this most important details.
Is this another “Koobface” variant? Where’s a link to the tech details. Nothing wrong with this story, but it’s blogged for the general public and doesn’t contain much useful information about analysis/forensics and security response.
I deactivated my Facebook account. I was shut down many many times by my computer’s antivirus. I would run scan and it would show no viruses. I have an updated ESET NOD32 Antivirus. The only page affected was Facebook. I shut down Facebook before it could spread. Let me know when you have the virus taken care of and I will reactivate my account.
Hi
I have inadvertently downloaded the file related to the scam Facebook email. I have McAfee antivirus software on my machine, will it pick up and eliminate the trojan attached to this file?
I ran a full scan but it did not pick anything up.
Is there anything I need to do?
thanks
Michael Hippey
That’s cool
Thanks for the news, always best to be safe and I hope Norton is aware of this issue as there are by far more important things to think about than some idiot with nothing better to do than mess up peeps computers.
Cheers,
Sylvia York
How exactly is it getting people’s e-mail addresses in the first place?
I have had something telling me my password was wrong. I was given another password that did not work and I am afraid to try Facebook. Mostly I get invites and I am afraid to take them. Someone else signed me up for McAfee and I cannot get in to them either.
I also clicked on the link when I received the password email. I have Norton on my PC and it says that I am protected but how do I know for sure???
Thanks for the awesome post. Always best to be safe and I hope Norton is aware of this issue as there are by far more important things to think about than some idiot with nothing better to do than mess up peeps computers. Keep sharing..
[...] McAfee warns that several malicious programs including password stealer is installed when user clicks on it. The password stealer can potentially access any username and password combination used on the computer, not just the login credentials for the Facebook. [...]
Hey, that’s cool. I read this page, this is good for knowledge. I’m using this antivirus software and it’s good………..
[...] from Facebook, with the subject “Facebook Password Reset Confirmation! Customer Message”. The blog post of the antivirus company McAfee confirms the suspicion of every sharp-eyed net user that this is a virus [...]
[...] McAfee and Sophos have issued warnings about the scam. The attachment’s name is [...]
[...] and the fact that Facebook will never send out emails that automatically reset password. Both McAfee and Sophos have put out warnings about the scam. The attachment’s name is [...]