Facebook Password Reset Scam

Facebook Password Reset Scam

If you receive a password reset email from Facebook on your inbox, be careful! Facebook users are being warned of a malicious email password reset scam that is making its rounds and quickly spreading across the social network the past couple of days. This massive spam run is the latest version of malicious emails targetting Facebook’s 400 million global users.

The email messages that are believed to be sent from the Cutwail and Rustock botnets, use a spoofed return email address like “[email protected]“, making it look real and appear that its really from Facebook. The message indicates that the user’s Facebook password has been reset and that the user should download the email attachment containing the new password. Unbeknownst to most users, that attachment is a Trojan horse program designed to infect a computer. This massive spam run also contains different varieties of malware programs, password stealers, rogue antivirus programs and botnet code.

Unlike most spam and phishing emails, this Facebook password reset scam’s English-language messages contain correct grammar but has a weird sign-off: “Thanks, Your Facebook.

Here’s a screenshot provided by McAfee from one of those Facebook password reset scam emails.
Facebook Password Reset Scam

Users should always keep in mind that companies or social networks like Facebook won’t send unsolicited passwords. The only time a user will get a new password is if that user requested for it. Aside from keeping your AV (antivirus) up-to-date, users should also make it a habit not to click on embedded links on emails and NEVER download attachments. If you have to download an attachment from someone you know, make sure you scan it first with your antivirus software before opening/running it.

Social networking sites will always be a favorite target of scammers, spammers, phishers and other types of cybercriminals because of the huge number of users and the large percentage of “ignorant” users. So its important that users should always be protected (up-to-date antivirus) and be educated about these types of email scams.

Next time you open your inbox and find an email that asks you to reset a password or change login details, be careful. It could “pretend” to come from Facebook, Twitter, Bank of America, PayPal or any other website – don’t click on the embedded links and NEVER download any attachments!

Anyone here or anyone you know recently received a Facebook password reset scam email?

This post may contain affiliate links that allow us to earn commissions at no additional cost to you. We are reader-supported so when you buy through the affiliate links, you are also helping or supporting us. 


  1. hi i have a problem in my facebook.. i keep reset my password coz i cant open maybe my account was hack or have a virus.. can u help with this???

  2. Count me in as one of those figuring out how and why these e-mail still got through to Edge Transport Servers and Forefront on Microsoft Exchange. Even on Google Apps for Domain most of my clients received it.

  3. We are also receiving this email Bro on our company email…and I think some people are even wondering as why they are receiving such a notification knowing that the email that has received the message is not the same email they use for log in.

  4. A few of my clients received this same e-mail and I was actually surprised that though it was obvious the message was using spoofed e-mail addresses, it still got through to Microsoft Exchange’s and Google Apps for domain.

  5. Usually those scams have some error. Thanks for pointing out that weird sign off such as “thanks, your facebook.” It pays to be watchful.
    @Jhay that’s a good idea of using the online gmail interface.

  6. That’s why I use the online interface of Gmail instead of desktop email clients. Attachments are scanned by Google first before it is presented as safe to be downloaded.

  7. Thanks for sharing this. I haven’t received one. But I remembered one time my brother’s Poker Account in Facebook is hacked, leaving him $0 in his account. But he was able to regain it by submitting the issue to Facebook.

Leave a Reply

Your email address will not be published. Required fields are marked *