Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

Home    About    New Articles    RSS Feed    Subscriptions    Contact
Bookmark and Share

Issue 114 - May 2011 - Page 16

Facebook "Your Password is Not Safe" Malware Email

Issue 114 Start Menu

Previous Article

Email purporting to be from Facebook, claims that the recipient's Facebook password has been automatically changed because the previous password was not safe.

Brief Analysis
The email is not from Facebook and the claim that the user's password has been changed is untrue. The attachment that comes with the email contains a trojan.

Bookmark and Share
Detailed analysis and references below example.

Last updated: 13th April 2011
First published: 13th April 2011
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer

Subject: Facebook Support. Your password has been changed! ID09687

Dear user of FaceBook.

Your password is not safe!
To secure your account the password has been changed automatically.

Attached document contains a new password to your account and detailed information about new security measures.

Thank you for your attention,
Administration of Facebook

Detailed Analysis
According to this email, which claims to be from Facebook Support, the recipient's Facebook password has been automatically changed because the old password was not safe. The message instructs recipients to open an attached file to get the new Facebook password along with "detailed information about new security measures".

However, the email is not from Facebook and the attachment certainly does not contain a new password or any security information. Opening the attachment will launch a trojan that, once installed, can modify the Windows registry, establish connections with malicious websites and download further malware components.

In January 2011, a malware email very similar to the one shown above was hitting inboxes. The message claimed that the recipient's Facebook password had been changed "for safety" because spam had been sent from his or her Facebook account. As in this case, the email's attachment contained a trojan. In fact, bogus "password reset" emails claiming to be from Facebook have been used a number of times over the last few years as a means of distributing trojans and other malware.

Facebook users should be very cautious of any unsolicited email that claims that their Facebook password has been changed. Facebook is never likely to include a new password in an email attachment. If you receive any such message, do not open any attachments that it may contain. And, do not follow any links in the email. Some versions try to trick recipients into visiting bogus websites that contain malware.

Phishing scammers have also used bogus Facebook messages in attempts to
steal login details and other personal information from Facebook account holders.

Bookmark and Share References
Facebook Support. Your password has been changed!' contains trojan
Facebook Trojan Email - 'Your Password is Changed'
Facebook Password Reset Confirmation Trojan Email
Fake Facebook Login Phishing Scam

Previous Article

Issue 114 Start Menu

Pages in this month's issue:
  1. False Warning - Do Not Add 'Jason Lee' Because Its a Virus
  2. Amber Alert Hoax - Fake '72B 381' Abduction Alert Continues To Circulate
  3. Fake Order Notification Emails Carry PDF Exploit
  4. Padlock on Facebook Home Page Hacker Warning Hoax
  5. Tsunami Deep Sea Creatures Email
  6. Hoax News Report - Japan to End Whaling
  7. Visa Card Violated Phishing Scam
  8. Facebook 'Virus' Alert - Twilight the Movie Link 'Worst Virus Ever' According to Facebook and CNN
  9. Prayer Request for Injured Soldier Tony Mullis
  10. Inaccurate Warnings Claim ALL '' Links Are Suspect and Should not be Clicked
  11. Facebook Non Secure Browsing Warning
  12. Facebook 'Trojan' Warning - Girl Who Killed Herself In Front Of Web Cam Video
  13. Do Circulating Photographs Show a Mass Fish Death In California Caused by the Japanese Tsunami?
  14. Facebook Rogue App Survey Scam - BBC News Check What She Did on Cam
  15. Google Promotion Award Advance Fee Scam
  16. Facebook "Your Password is Not Safe" Malware Email