Recently one of my friends got an e mail from Facebook Security informing, that his Facebook password has been changed due to some security reasons and the new password is attached. The attachment was a zip file (see the screen shot), he opened the attachment and the problem started. The PC (Windows XP ) started misbehaving with numerous popups and the warnings such as ” Your computer has been attacked”. A free Anti virus software (updated) was installed on the system but it couldn’t heal the threat. Finally he was compelled to format the PC. This was happened almost one month back. Now he got the same e mail once again, this prompted me to go through about this in detail.
McAfee security blog warned that millions of Facebook users received such emails informing Reset password. This virus reached in the top 6 position and reached as high as No. 6 on McAfee’s Global Virus Map’s Top 10, which tracks consumer detections worldwide. Facebook team has already warned about this security threat in Facebook Security page . McAfee says “The malware in the attachment is pretty much what one would expect: downloaders, password-stealing Trojan, fake-AV, or bot stuff, depending on which one you got”. This can be a potential danger considering around 400 million Facebook users can be trapped into this.
Don’t open the attachment. Facebook will never send you an e mail to reset your password. Immediately delete such mails.
Keep your Anti virus software and firewalls up-to-date.
The smart spam detecting algorithm of Gmail, Yahoo etc were already detected this as a acam and tagged the mail as Spam. But the curiosity to open the spam mails can burn your fingers.
This malware is not basically targeted to steal your Facebook password, it can steal all the other user ids and passwords used on the computer .
Don’t make any internet banking transactions from the infected PC. Immediately change the passwords/user ids.