McAfee posted on its blog recently news about e-mail purportedly coming from Facebook urging recipients to open an attachment to get their new password on the site. Unfortunately the email is a scam to get not only users’ password of the popular social networking website, but potentially any accounts they use while using their computer as well.
This is the latest in a wave of malware and phishing scams specifically targetting uses of social networking websites. As the popularity of these websites grow, so do their attractiveness to online crooks. It is estimated that Facebook alone has over 350 million users, and just recently has surpassed Google as the most popular destination on the Internet. Even if just a small percentage of users fall for the scam, this would still make a sizable number of compromised profiles and accounts.
As always, be extra careful when opening any sort of attachment in email messages. Also make sure to double check the sender of the message, the context and its content. For example, Facebook rarely asks users to update their account information via email. In addition, the message in the bogus email mentioned here is supposedly full of awkward sentences and wrong spellings, which should clue users in on its authenticity. Of course customers enrolled in our managed security services won’t have to worry, as we block these types of messages before they reach their Inbox. Worried about threats coming in through your email? Contact us and see how we can help.
- Beware the new Facebook password reset scam (cnet.com)
- Social-networking sites short on security (securityfocus.com)
- EU may regulate social networking sites over security issues (arstechnica.com)