Don’t open that Facebook e-mail

Millions of spam e-mail messages were sent to Facebook users around the world last week in a scam that could infect computers with software that steals passwords and other data.
 
The e-mail's subject line says "Facebook password reset confirmation customer support.” The messages look like they came from Facebook, but they contains an attachment that users are instructed to download to find a new password that was allegedly reset.
 
Facebook Security, in a message to users, said it would not send messages with attachments. “There's another spoofed e-mail going around that claims to be from Facebook and asks you to open an attachment to receive a new password. This e-mail is fake. Delete it from your inbox, and warn your friends,” the site stated.
 
Dave Marcus, McAfee's director of security research and communication, told PC World magazine that the attachment is a Trojan horse program containing a malware, including password stealers, rogue antivirus programs, or botnet code. The password stealer can potentially access any username and password combination used on the computer, not just for the Facebook account.
 
"As we had previously discussed in our 2010 Threat Predictions, social-networking sites will continue to be a favorite social-engineering lure for cybercriminals to distribute malware," he told CIO Today. "Make sure you are protected and educated."
 
Facebook has more than 400 million users. McAfee, in a “Consumer Threat Alert” blog post on its site said, "This is also the sixth most prevalent piece of malware targeting consumers in the last 24 hours, as tracked by McAfee Labs."
 
To avoid problems, experts advise users to delete the Facebook scam e-mail. In addition, they say to install security software, make sure it’s the most up-to-date version, and keep the subscription active. Also, watch for poor grammar and awkward phrasing – it’s a tipoff of a scam.
 
Related articles:

You may like these other stories...

How are you planning? What tools do you use (or fail to use) for forecasting? PlanGuru is a business budgeting, forecasting, and performance review software company based in White Plains, N.Y. AccountingWEB recently spoke...
Event Date: October 30, 2014, 2 pm ETMany Excel users have a love-hate relationship with workbook links. For the uninitiated, workbook links allow you to connect one Microsoft Excel spreadsheet to other spreadsheets, Word...
Event Date: September 9, 2014, 2:00 pm ETIn this session we'll discuss the types of technologies and their uses in a small accounting firm office. Included will be:The networked office: connecting everything together for...

Already a member? log in here.

Upcoming CPE Webinars

Aug 21
Meet budgets and client expectations using project management skills geared toward the unique challenges faced by CPAs. Kristen Rampe will share how knowing the keys to structuring and executing a successful project can make the difference between success and repeated failures.
Aug 26
This webcast will include discussions of recently issued, commonly-applicable Accounting Standards Updates for non-public, non-governmental entities.
Aug 28
Excel spreadsheets are often akin to the American Wild West, where users can input anything they want into any worksheet cell. Excel's Data Validation feature allows you to restrict user inputs to selected choices, but there are many nuances to the feature that often trip users up.
Sep 9
In this session we'll discuss the types of technologies and their uses in a small accounting firm office.