Facebook Password Reset Scam

If you receive a password reset email from Facebook in your inbox, be careful! Facebook users are being warned of a malicious password reset email scam that has been making the rounds and spreading quickly across the social network over the past couple of days. This massive spam run is the latest wave of malicious emails targeting Facebook’s 400 million global users.

The email messages, believed to be sent from the Cutwail and Rustock botnets, use a spoofed return address such as “[email protected]”, which makes the message look as if it really came from Facebook. The message claims that the user’s Facebook password has been reset and that the user should download the attached file containing the new password. Unbeknownst to most users, that attachment is a Trojan horse program designed to infect the computer. The same spam run also carries a variety of other malware: password stealers, rogue antivirus programs and botnet code.

Unlike most spam and phishing emails, the English-language messages in this Facebook password reset scam use correct grammar, but they have a strange sign-off: “Thanks, Your Facebook.”
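The indicators described above (a sender claiming to be facebook.com, a “your password was reset, see the attachment” lure, a risky attachment type, and the “Thanks, Your Facebook.” sign-off) can be turned into a simple mail-filter check. This is an added example, not code from the original post or from any mail vendor; the sample message it scores is constructed here, and the sender address in it is a placeholder.

```python
import email
import re
from email import policy
from email.message import EmailMessage
from typing import List

CLAIMED_DOMAIN = "facebook.com"
RISKY_EXTENSIONS = (".zip", ".exe", ".scr", ".bat", ".js")
# Lure phrasing taken from the post: password reset/changed, new password in
# the attachment, and the odd sign-off "Thanks, Your Facebook."
LURE_PATTERNS = [
    re.compile(r"password\s+(has\s+been|was)\s+(reset|changed)", re.I),
    re.compile(r"new\s+password.{0,40}attach", re.I | re.S),
    re.compile(r"thanks,\s*your\s+facebook", re.I),
]

def score_message(raw: bytes) -> List[str]:
    """Return the indicators that matched; an empty list means nothing suspicious."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    hits = []
    from_addr = (msg.get("From") or "").lower()
    attachments = [p.get_filename() or "" for p in msg.iter_attachments()]
    # A genuine password notice never ships the password as an attachment.
    if CLAIMED_DOMAIN in from_addr and attachments:
        hits.append("claims %s but carries an attachment" % CLAIMED_DOMAIN)
    for name in attachments:
        if name.lower().endswith(RISKY_EXTENSIONS):
            hits.append("risky attachment type: " + name)
    body_part = msg.get_body(preferencelist=("plain", "html"))
    body = body_part.get_content() if body_part else ""
    for pat in LURE_PATTERNS:
        if pat.search(body):
            hits.append("lure text matched: " + pat.pattern)
    return hits

def sample_scam_message() -> bytes:
    """Constructed message in the shape the post describes (sender is a placeholder)."""
    msg = EmailMessage()
    msg["From"] = "Facebook <placeholder-sender@facebook.com>"
    msg["To"] = "user@example.com"
    msg["Subject"] = "Facebook Password Reset Confirmation"
    msg.set_content("Dear user,\n\nYour password has been changed for security reasons.\n"
                    "You can find your new password in the attached file.\n\n"
                    "Thanks,\nYour Facebook.\n")
    # Attachment bytes are a constructed stand-in, not a real archive.
    msg.add_attachment(b"PK\x03\x04 constructed, not a real archive",
                       maintype="application", subtype="zip", filename="new_password.zip")
    return bytes(msg)
```

Running `score_message(sample_scam_message())` returns five matched indicators; a plain message with no attachment and none of the lure phrasing returns an empty list.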

Here’s a screenshot provided by McAfee of one of these Facebook password reset scam emails.

[Screenshot: Facebook Password Reset Scam email]

Users should always keep in mind that companies and social networks like Facebook won’t send unsolicited passwords. The only time a user will get a new password is when that user requested it. Aside from keeping your AV (antivirus) up to date, make it a habit not to click on embedded links in emails and NEVER download attachments. If you have to download an attachment from someone you know, scan it with your antivirus software before opening or running it.

Social networking sites will always be a favorite target of scammers, spammers, phishers and other cybercriminals because of their huge number of users and the large percentage of “ignorant” users among them. So it’s important that users stay protected (up-to-date antivirus) and are educated about these types of email scams.

Next time you open your inbox and find an email that asks you to reset a password or change login details, be careful. It could “pretend” to come from Facebook, Twitter, Bank of America, PayPal or any other website – don’t click on the embedded links and NEVER download any attachments!

Anyone here or anyone you know recently received a Facebook password reset scam email?




  • Marcus Ripley, October 25, 2010 @ 10:44 AM

    Yet another Facebook related scam! Forewarned is forearmed they say so many thanks for letting us know about this :)

  • marivic, April 9, 2010 @ 2:55 AM

    Hi, I have a problem with my Facebook. I keep resetting my password because I can't open it; maybe my account was hacked or has a virus. Can you help with this???

  • Archon Digital, March 29, 2010 @ 9:13 AM

    Count me in as one of those figuring out how and why these e-mails still got through to Edge Transport Servers and Forefront on Microsoft Exchange. Even on Google Apps for Domains most of my clients received it.

  • elmot, March 28, 2010 @ 11:07 PM

    We are also receiving this email, Bro, on our company email… and I think some people are even wondering why they are receiving such a notification, knowing that the email address that received the message is not the same one they use to log in.

  • Archon Digital, March 28, 2010 @ 11:25 AM

    A few of my clients received this same e-mail and I was actually surprised that, though it was obvious the message was using spoofed e-mail addresses, it still got through to Microsoft Exchange and Google Apps for Domains.

  • joie, March 20, 2010 @ 3:50 PM

    Usually those scams have some error. Thanks for pointing out that weird sign-off such as “thanks, your facebook.” It pays to be watchful.
    @Jhay, that’s a good idea, using the online Gmail interface.

  • Jhay, March 19, 2010 @ 8:56 PM

    That’s why I use the online interface of Gmail instead of desktop email clients. Attachments are scanned by Google first before they are presented as safe to download.

  • MinnieRunner, March 18, 2010 @ 5:58 PM

    Thanks for sharing this. I haven’t received one. But I remember one time my brother’s Poker account on Facebook was hacked, leaving him with $0 in his account. But he was able to regain it by submitting the issue to Facebook.
