As of last night, more than 750 000 users of Facebook received a fake password reset message and it is showing no signs of abating, Cloudmark, the IT security software and service specialist, said.
According to Cloudmark, the bot-based attack targets Facebook users with a spoofed message that claims recipients' passwords have been reset as a security measure.
The messages, which have subject lines such as `Facebook Password Reset Confirmation', include a file attachment that supposedly contains the new password.
In fact, said Cloudmark, the attached zip file includes a trojan downloader, dubbed Bredlab or Bredolab by several anti-virus and malware vendors.
Once triggered, the downloader streams a range of malware from a number of hacker servers, including fake security software aka scamware - installing attack code and rogue antiv-irus applications on the compromised PCs.
Facebook has said it cannot do much about the scams, because they are generated from outside companies and sent directly to users' email accounts.
The social networking portal advises its users to check the security warnings on its website and advises members not to respond to external emails unless they refer directly to a Facebook URL.
Comments
brucearnold says:
01 November 2009
Big Brother Has a Name, and that Name is CLOUDMARK:
Some of you may recall me claiming that "they" were blocking emails containing my 9/11 Truth Bikers domain name. Well, I have uncovered who "they" is. "They" is Cloudmark, the purveyors of "Cloudmark Authority":
http://www.cloudmark.com/en/serviceproviders/authority.html
This s)p)a)m filter focuses on "content-based s)p)a)m signatures" using decision rules determined by whoever installs the software on their email servers. Well, one of those installers was Network Solutions, Inc., one of the world's largest domain registrars and web hosting companies. And using the "authority" granted by Cloudmark, Network Solutions has been blocking all incoming and outgoing emails that contain even one reference to "9)1)1)T)r)u)t)h)B)i)k)e)r)s).)c)o)m". And as if to add further punishment for my boat-rocking, they even started blocking all emails containing my phone number!
Why would Network Solutions DO something like that?!? I don't know for sure--yet--but tracing their origin, history and ownership as I just did is something I recommend for all who champion 9/11 Truth and oppose Constitutional erosion. This graphic (which I encourage you to copy, repost and broadcast) should set you on the right track:
http://i880.photobucket.com/albums/ac10/brucearnold/Cloudmark_nsCensorship.png
http://tinyurl.com/Cloudmark-nsCensorship
THIS IS NO DRILL. THIS IS A WARNING:
Millions of emails are filtered through Network Solutions email servers every day. What else is Network Solutions using Cloudmark-enabled "nsCensorship" to block besides my 911 URL and my phone number? And how many other Internet companies are exercising similar "Cloudmark Authority"? And, how many more Big Brother enablers like Cloudmark are out there?
Please pass this along to everyone who might be affected ... which is pretty much everyone who uses email.
Bruce Arnold
Bruce@LdrLongDistanceRider.com
Follow me on Twitter @ironboltbruce
Co-Moderator, Bruce-n-RC's Biker Forum
Member, American Civil Liberties Union (ACLU)
Mile Eater Gold Member, Iron Butt Association (IBA)
Sustaining Member, Motorcycle Riders Foundation (MRF)
2009 Chairman's Circle, American Motorcyclist Association (AMA)
Author|Publisher, LdrLongDistanceRider.com|911TruthBikers(dot)com
Signatory, 911 Truth Statement & Petition (911Truth.org|ae911Truth.org)
Note: The majority of comments posted are created by members of the
public. The views expressed are theirs and unless specifically stated are not those
Elsevier Ltd. We are not responsible for any content posted by members of the public
or content of any third party sites that are accessible through this site. Any links
to third party websites from this website do not amount to any endorsement of that
site by the Elsevier Ltd and any use of that site by you is at your own risk. For
further information, please refer to our Terms & Conditions.
Comment on this article
You must be registered and logged in to leave a comment
about this article.