DID FACEBOOK RESET MY PASSWORD?

The last three days have seen a sharp uptick in social engineering, as one or more of the malware distributors are, once again, playing on the popularity of Facebook to convince people to open their email. Emails with the subject "Facebook Password Reset Confirmation" have been flooding inboxes over the last few days, enticing people to open a zip file which purportedly contains the user's new password. Of course, it contains no such thing - the zip file is actually just another piece of malware.

Samples that I have looked at include what Kaspersky is identifying as "Packed.Win32.Krap.w", a trojan designed to download and install other programs without the user's knowledge. ZDNet's coverage is calling this the return of the Bredolab botnet, known to be responsible for both spam and identity theft.

Cloudmark saw these emails starting just before 1 PM Pacific time on Monday, October 26th. By mid-day Tuesday, October 27th, almost half a million attempts had been made to deliver copies to mailboxes protected by Cloudmark Desktop, and by mid-day Wednesday, October 28th, that number had risen to almost three-quarters of a million. Cloudmark Desktop protects almost 2 million active mailboxes.

I cannot stress enough - these emails are not coming from Facebook, and they do not mean that your Facebook account has been taken over, or that someone is trying to get your password. The emails are coming from already compromised computers from all over the world, and all they are trying to do is to add your computer to the growing legion of bots. Facebook, unfortunately, is just another victim here; they can't stop bad guys from using their name to dangle as bait in front of you.

You can take several steps to protect yourself. Make sure your anti-virus is up-to-date, and consider running more than one flavor of anti-virus or malware detector. Do not open attachments you're not expecting. Use different passwords for all of the websites that you use so that, even if one is compromised, others can't be.