Facebook Password Reset Scam



18 Mar 2010


If you receive a password reset email from Facebook in your inbox, be careful! Facebook users are being warned of a malicious password reset email scam that is making the rounds and has been spreading quickly across the social network over the past couple of days. This massive spam run is the latest version of malicious emails targeting Facebook’s 400 million global users.

The email messages, which are believed to be sent from the Cutwail and Rustock botnets, use a spoofed return email address like “help@facebook.com”, making the message look as if it really is from Facebook. The message indicates that the user’s Facebook password has been reset and that the user should download the email attachment containing the new password. Unbeknownst to most users, that attachment is a Trojan horse program designed to infect a computer. This massive spam run also contains different varieties of malware programs, password stealers, rogue antivirus programs and botnet code.

Unlike most spam and phishing emails, this Facebook password reset scam’s English-language messages contain correct grammar but have a weird sign-off: “Thanks, Your Facebook.”

Here’s a screenshot provided by McAfee from one of those Facebook password reset scam emails.
[Screenshot: Facebook Password Reset Scam]

Users should always keep in mind that companies or social networks like Facebook won’t send unsolicited passwords. The only time a user will get a new password is if that user requested it. Aside from keeping their AV (antivirus) up-to-date, users should also make it a habit not to click on embedded links in emails and NEVER download attachments. If you have to download an attachment from someone you know, make sure you scan it with your antivirus software before opening or running it.
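The traits the post describes (a sender claiming facebook.com, a password-reset message, an attachment, and the odd sign-off) can be checked mechanically at a mail gateway or during triage. The following is an added example, not part of the original post; the sample message, hostnames, attachment name and indicator labels are constructed for illustration.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr

# Constructed sample built from the traits the post describes; not a real capture.
SAMPLE = """\
From: Facebook <help@facebook.com>
Return-Path: <bounce@mailer.example.net>
Subject: Facebook Password Reset Confirmation
Authentication-Results: mx.example.org; spf=fail smtp.mailfrom=mailer.example.net
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Your password has been reset. The new password is in the attached document.
Thanks,
Your Facebook.
--b1
Content-Type: application/zip
Content-Disposition: attachment; filename="new_password.zip"

stub
--b1--
"""

LURE = re.compile(r"password\s+(has\s+been\s+)?reset", re.I)
SIGNOFF = re.compile(r"thanks,\s*your\s+facebook", re.I)

def domain_of(value):
    return parseaddr(str(value or ""))[1].rpartition("@")[2].lower()

def triage(raw, brand="facebook.com"):
    """Return the indicators from the post that this raw message matches."""
    msg = message_from_string(raw, policy=policy.default)
    sender, envelope = domain_of(msg["From"]), domain_of(msg["Return-Path"])
    claims_brand = sender == brand or sender.endswith("." + brand)
    # Trust Authentication-Results only when your own gateway added it.
    spf = re.search(r"\bspf=(\w+)", str(msg.get("Authentication-Results", "")))
    body = msg.get_body(preferencelist=("plain",))
    text = f'{msg.get("Subject", "")}\n{body.get_content() if body else ""}'
    lure = bool(LURE.search(text))
    checks = [
        ("envelope-mismatch", claims_brand and bool(envelope) and envelope != sender),
        ("spf-not-pass", claims_brand and bool(spf) and spf.group(1).lower() != "pass"),
        ("password-reset-lure", lure),
        ("lure-with-attachment", lure and any(True for _ in msg.iter_attachments())),
        ("odd-signoff", bool(SIGNOFF.search(text))),
    ]
    return [name for name, matched in checks if matched]
```

A password-reset message on its own matches only one indicator; the reset wording combined with an attachment is the combination the post warns about.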

Social networking sites will always be a favorite target of scammers, spammers, phishers and other types of cybercriminals because of the huge number of users and the large percentage of “ignorant” users. So it’s important that users always be protected (up-to-date antivirus) and educated about these types of email scams.

Next time you open your inbox and find an email that asks you to reset a password or change login details, be careful. It could “pretend” to come from Facebook, Twitter, Bank of America, PayPal or any other website – don’t click on the embedded links and NEVER download any attachments!

Has anyone here, or anyone you know, recently received a Facebook password reset scam email?


Written by Jaypee Habaradas
Owner and editor of JaypeeOnline. Self-proclaimed geek. New media writer and consultant. WordPress advocate. Loves blogging, gadgets, video games and sports. You can follow him on Twitter @jaypee or Facebook.


8 Responses to “Facebook Password Reset Scam”

  1. Marcus Ripley UNITED KINGDOM Google Chrome Mac OS Says:

    Yet another Facebook related scam! Forewarned is forearmed they say so many thanks for letting us know about this :)


  2. marivic PHILIPPINES Mozilla Firefox Windows Says:

    Hi, I have a problem with my Facebook. I keep resetting my password because I can't open it. Maybe my account was hacked or has a virus. Can you help with this?


  3. Archon Digital PHILIPPINES Google Chrome Windows Says:

    Count me in as one of those figuring out how and why these e-mails still got through to Edge Transport Servers and Forefront on Microsoft Exchange. Even on Google Apps for Domain most of my clients received it.


  4. elmot PHILIPPINES Internet Explorer Windows Says:

    We are also receiving this email, Bro, on our company email… and I think some people are even wondering why they are receiving such a notification, knowing that the email that has received the message is not the same email they use to log in.


  5. Archon Digital PHILIPPINES Google Chrome Linux Says:

    A few of my clients received this same e-mail and I was actually surprised that though it was obvious the message was using spoofed e-mail addresses, it still got through to Microsoft Exchange’s and Google Apps for domain.


  6. joie CHINA Mozilla Firefox Mac OS Says:

    Usually those scams have some error. Thanks for pointing out that weird sign off such as “thanks, your facebook.” It pays to be watchful.
    @Jhay that’s a good idea of using the online gmail interface.


  7. Jhay PHILIPPINES Google Chrome Windows Says:

    That’s why I use the online interface of Gmail instead of desktop email clients. Attachments are scanned by Google first before they are presented as safe to be downloaded.


  8. MinnieRunner PHILIPPINES Mozilla Firefox Windows Says:

    Thanks for sharing this. I haven’t received one. But I remember one time my brother’s Poker Account in Facebook was hacked, leaving him $0 in his account. But he was able to regain it by submitting the issue to Facebook.

