Facebook Password Reset Confirmation
It’s natural that the extremely popular online portals like social media sites will be targeted more by unscrupulous developers of malicious threats. Facebook is currently the most popular social networking site, and the online security industry has noticed an increased attack on this network and its users. This is made evident through the new Facebook Password Reset Confirmation phishing scam.
Security companies are warning all their users about a widespread email scam targeting Facebook users worldwide. The attacks are recognized by emails arriving in users’ inboxes stating that their password has been changed, and the new password is attached in an executable document. The body of the email would read as follows:
“Facebook Password Reset Confirmation! Customer Support
Dear user of Facebook,
Because of the measures taken to provide safety to our clients, your password has been changed.
Obviously this is a fake email with its originators having no existing affiliation with Facebook whatsoever. Web tech savvy users will immediately be able to recognize this email as a scam. There are several ways this can be deduced, the first being the impersonal tone used in the message (no name appears in the message). Another indication is the fact that there is an attachment to the Facebook Password Reset Confirmation email. The fact is that Facebook, being a reputable company, will never send out emails that automatically reset their users’ passwords or accounts.
The attachment to be found in the Facebook Password Reset Confirmation email is called Facebook_details_.zip. This attachment contains a Trojan, and once executed will try to enter the user’s PC. It is therefore important that users disregard the Facebook Password Reset Confirmation email and never open any of its attachments. Legitimate security tools have reported Facebook_details_.zip as a password stealing Trojan.
The only way to steer clear of the danger of scams such as the Facebook Password Reset Confirmation email poses is for users to use their common sense, and never trust any unsolicited correspondence from companies if they feel the slightest bit of doubt.