Monday, October 26, 2009

Facebook Password Reset Confirmation Phishing Email

I received an email in my corporate email account informing me about a password reset of my Facebook account...what Facebook account? I don't have one.

The email has the subject line "Facebook Password Reset Confirmation" and was sent from IP address 202.64.92.44 (yeah, email addresses can be easily spoofed but not the source IP address, but it may be a compromised home PC).



The phishing email has this message body:

"Hey xxxx ,

Because of the measures taken to provide safety to our clients, your password has been changed.
You can find your new password in attached document.

Thanks,
The Facebook Team"

The file attachment is a zip file with the filename "Facebook_Password_4cf91.zip".

I didn't bother to have the file scanned with my online anti-virus, keylogger and malware scanning tools. Running malware analysis might be interesting but sadly, I don't have the time for it.

Just beware of Facebook phishing and don't even think of executing the attachment unless you know what you're doing.
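For readers who want to check a message like this without opening the attachment, here is an added example (not part of the original post) that reads the sending IP from the Received header written by your own mail gateway and lists the zip's member names in memory. The sample message is constructed: the hostnames, the From address, the internal relay IP and the zip member name are assumptions; only the subject, the source IP and the attachment filename come from the post.

```python
import io
import ipaddress
import re
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

RISKY_EXT = (".exe", ".scr", ".pif", ".com", ".bat", ".js", ".vbs")
HOP = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]\)?\s+by\s+([^\s;]+)")

def build_sample() -> bytes:
    """Constructed message modelled on the post; the zip member is a harmless placeholder."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("new_password.exe", b"placeholder bytes, not malware")
    msg = EmailMessage()
    msg["Received"] = "from mx.example.net ([10.0.0.5]) by mail.corp.example; 26 Oct 2009"
    msg["Received"] = "from unknown ([202.64.92.44]) by mx.example.net; 26 Oct 2009"
    msg["From"] = "The Facebook Team <sender@example.invalid>"
    msg["Subject"] = "Facebook Password Reset Confirmation"
    msg.set_content("You can find your new password in attached document.")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip",
                       filename="Facebook_Password_4cf91.zip")
    return msg.as_bytes()

def sending_ip(msg, edge_mx):
    """IP recorded by our own edge MX; hops below it are sender-controlled text."""
    for hop in msg.get_all("Received", []):
        m = HOP.search(str(hop))
        if m and m.group(2).lower() == edge_mx:
            return str(ipaddress.ip_address(m.group(1)))  # also validates the octets
    return None

def triage(raw: bytes, edge_mx: str) -> dict:
    """Read headers and list zip members in memory; nothing is extracted or executed."""
    msg = message_from_bytes(raw, policy=policy.default)
    report = {"subject": str(msg["Subject"]), "from": str(msg["From"]),
              "ip": sending_ip(msg, edge_mx), "flagged": []}
    for part in msg.iter_attachments():
        name, data = part.get_filename() or "", part.get_content()
        if isinstance(data, bytes) and zipfile.is_zipfile(io.BytesIO(data)):
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                report["flagged"] += [f"{name}:{m}" for m in zf.namelist()
                                      if m.lower().endswith(RISKY_EXT)]
    return report

if __name__ == "__main__":
    print(triage(build_sample(), "mx.example.net"))
```
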

