The Column

Wednesday, October 28, 2009

Facebook password-reset email carries a virus

(Cross-posted in The Workbench, Reloaded)

Sheesh!

These writers of viruses and other nefarious code will stop at nothing to spread the love. But while you can see many viruses coming a mile away, I understand this one looks official.

This one, a Trojan horse dubbed Bredolab, comes dressed up as a "Password Reset Confirmation Email" from Facebook. In the email you click on the link to -- you think -- get your new password. That's when the fun -- if you can call it that -- starts. That link downloads system-destroying files, such as rogue "anti-spyware" programs that inject their own spyware, into your computer.

Considering some of the problems Facebook has been encountering -- partly from increased traffic and partly from its own recent redesign, this email almost sounds plausible.

I haven't seen this one myself; I got the details from Mashable! and MXLab.

According to MXLab, here's the body of the message:

Hey vguysville ,

Because of the measures taken to provide safety to our clients, your password has been changed.
You can find your new password in attached document.

Thanks,
The Facebook Team


Here's the drill. If you see something like this from Facebook, watch out. It's probably not from Facebook. Bear this in mind:

- If you didn't request a password change from Facebook, you have no reason to receive a reset confirmation. Don't bother opening it; dispose of it immediately.

Enjoy your computer, don't be skeered of the virus bogeyman, but be wary when you go online. Cool?

###

No comments: