Latest Malicious Facebook Email Steals Passwords

Dennis Faas's picture

If you receive an email with the message "Facebook password reset confirmation customer support" in the subject line, don't click the link. Doing so would cause you to fall victim to the latest password-stealing virus targeting Facebook users.

Facebook's estimated 400 million users are being targeted by hackers in an effort to steal banking passwords and gather other sensitive information.

McAfee Warns of Malware in Attachment

According to McAfee Inc., recipients of the email are told that their Facebook passwords have been reset. They're then urged to click on an attachment to obtain new login credentials. Users that open the attachment are subject to several types of malware, including a program that steals passwords.

Attack Uses Email, Not Facebook's Message System

Facebook users have been targeted by hackers using tainted messages via Facebook's own internal email system, but the new attack uses regular Internet email to send the malicious software.

Facebook would not comment, but did point to a status update posted on its web site warning users about the spoofed email and advising its users to delete the email and warn their friends of the bogus message.

McAfee estimated that the hackers sent out tens of millions of the spoofed emails across Europe, the United States and Asia since the illicit campaign began on Tuesday. (Source:

Dave Marcus, McAfee's director of malware research and communications expects the hackers to succeed in infecting millions of computers. If ten percent of the estimated 400 million Facebook users click on the attachment, 40 million people could be affected.

If you receive the spoofed email, delete it immediately.

Visit Bill's Links and More for more great tips, just like this one!

Rate this article: 
No votes yet