Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Websense Security Labs Alert: a new wave of malicious email attacks claiming to be a password reset confirmation from Facebook

October 2009 by Websense

Websense® Security LabsTM ThreatSeekerTM Network has discovered a new wave of malicious email attacks claiming to be a password reset confirmation from Facebook. The From: address on the messages is spoofed using support@facebook.com to make the messages believable to recipients. The messages contain a .zip file attachment with an .exe file inside. The .exe file currently has a detection rate of about 30 percent on VirusTotal. Our ThreatSeeker Network has seen up to 90,000 of these messages sent out so far today.

“This spam email attack is designed to play on the subject at the forefront of users minds – their password security. Falling for this scam could lead to the unsuspecting user becoming part of a botnet. With the recent hack of Web email accounts, users would feel more compelled to open an attachment that purports to hold their new password, as they’d be worried who changed it in the first place. Websense reported on the ’add a friend’ Facebook scams back in November 2008 so this new campaign shows how cyber criminals adapt their scams to take advantage of the latest hot topic. Our advice for users is always go directly to the Web address you have an account with and reset passwords there.” Carl Leonard, Websense Security Labs Manager.


See previous articles

    

See next articles


Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts