Actu
McAfee: Facebook Password Reset Scam Threatens Computers Worldwide
March 2010 by McAfee
McAfee Labs has uncovered a new Facebook scam that is targeting Facebook users worldwide.
The Hook: Scammers send emails that appear to be from Facebook, telling recipients that their Facebook password has been reset and they need to click on an attachment to retrieve it.
The Method: The attachment is a password stealer that installs when the user clicks on it.
The Danger: Once installed, the password stealer can potentially access any username and password combination utilized on that computer, not just for the user’s Facebook account.
This threat is potentially very dangerous considering that there are over 400 million Facebook users who could fall for this scam. This is also the sixth most prevalent piece of malware targeting consumers in the last 24 hours, as tracked by McAfee Labs.
Bottom Line: Facebook would never send an email alerting a user that they changed his or her password. Another clue that can signal a user has received a spam email is the use of poor grammar and awkward phrases such as in the below greeting "Dear user of facebook." Please note that McAfee customers with current subscriptions are protected from this type of malware.
