Facebook password change emails being tapped by cybercriminals

According to Graham Cluley, senior technology consultant with Sophos, the impostor Facebook messages look almost genuine, but include an attachment – which kind of gives the game away, Infosecurity notes.

Opening the attached file is obviously a very bad idea, says Cluley, "as it will infect you with a trojan horse that attempts to communicate with a website hosted in Russia."

Sophos products, he notes, detect the Trojan horse as Troj/Agent-QAY, and the ZIP file that encloses it as Mal/BredoZp-B.

"Hopefully most people wouldn't fall for a scam like this, perhaps because they would notice the awkward use of language used in the email", he said in his security blog.

"But with so many Facebook addicts out there, I wonder how many people would panic at the thought of their password being changed and rashly click on the attachment without thinking", he added.

Because of this, Sophos is advising that users keep their computer security up to date and remain aware of the social engineering tricks cybercriminals use to lure them into running malware.
