Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









Issue 97 - September 2009 - Page 13

Pages in this month's issue:
  1. Fake Happy Burger Day Red Robin Coupon
  2. ANZ Invalid Login Attempts Phishing Scam
  3. Mexican Largest Flower in the World Photo - Blooms Once Every Forty Years
  4. Mailbox Deactivated Trojan Email
  5. The Obama Phone - Free Cell Phones for Welfare Recipients
  6. Sachin Tendulkar And The Shell Shaped House
  7. First Communion on the Moon
  8. The Uno - Ben Gulak's Innovative Electric Motorbike
  9. Most Colourful River In The World Photographs
  10. Hyundai Chairman Charity Donation Scam
  11. Stopped The Train - Burning Train Bridge at Sharon Springs
  12. MSN 18 Contacts Hoax
  13. Facebook Password Reset Confirmation Trojan Email
  14. Microsoft Email Beta Test Hoax Continues
  15. Let's Say Thanks Website - Send a Card to a Soldier

Issue 97 Start Menu

Previous Article            Next Article

Facebook Password Reset Confirmation Trojan Email

Summary:
Email, purporting to be from Facebook, claims that the user's Facebook password has been changed and informs him or her that the new password can be found in an attached document (Full commentary below).



Status:
Email is not from Facebook. Message is designed to trick recipients into installing a malicious trojan

Example:(Submitted, October 2009)
Subject: Facebook Password Reset Confirmation

Hey [name removed],

Because of the measures taken to provide safety to our clients, your password has been changed. You can find your new password in attached document.

Thanks,
The Facebook Team




Commentary:
This email, which appears to be an automated message from popular social networking website Facebook, informs the recipient that his or her Facebook password has been reset, supposedly as a security measure. It claims that the user's new password can be accessed by opening a file attached to the email.

However, the message is not from Facebook and the claim that the user's Facebook password has been changed is untrue. In fact, the message is a trick designed to fool recipients into installing a trojan on their computer. Those who open the attached file, ostensibly to view their new password, will in fact be launching a copy of the Bredolab Trojan. Once installed, the trojan is able to download and install other malware components such as keyloggers and password stealers and allow Internet criminals to control the compromised computer from afar.

Facebook users should be wary of any emails claiming to be from Facebook that contain attachments or ask them to click a link to access a new password or provide login information. Note that, even if a password is reset, Facebook will never send a user a new password via an email attachment. If you receive such an email, do not open an attachments that come with the message. Nor should you click on any links in the email. Malware distributors sometimes trick users into clicking a link in an email that downloads a trojan from a malicious website. And, phishing scammers have also used bogus Facebook messages to trick users into supplying their login credentials and other sensitive personal information.

It is also important to note the Bredolab Trojan is also distributed via emails not related to Facebook, including bogus shipping confirmation messages and messages supposedly confirming the order of goods bought online.

Bookmark and Share



References:
Facebookers Beware: Fake E-Mail Contains Virus
Fake Facebook Login Phishing Scam
Error in Shipping Address Trojan Email
Bredolab Trojan Being Spread Through Fake Emails

Previous Article            Next Article

Issue 97 Start Menu

Pages in this month's issue:
  1. Fake Happy Burger Day Red Robin Coupon
  2. ANZ Invalid Login Attempts Phishing Scam
  3. Mexican Largest Flower in the World Photo - Blooms Once Every Forty Years
  4. Mailbox Deactivated Trojan Email
  5. The Obama Phone - Free Cell Phones for Welfare Recipients
  6. Sachin Tendulkar And The Shell Shaped House
  7. First Communion on the Moon
  8. The Uno - Ben Gulak's Innovative Electric Motorbike
  9. Most Colourful River In The World Photographs
  10. Hyundai Chairman Charity Donation Scam
  11. Stopped The Train - Burning Train Bridge at Sharon Springs
  12. MSN 18 Contacts Hoax
  13. Facebook Password Reset Confirmation Trojan Email
  14. Microsoft Email Beta Test Hoax Continues
  15. Let's Say Thanks Website - Send a Card to a Soldier