ALERT: New Facebook Email Malware Spreading

A new email off of Facebook, claiming to be affiliated with the social network and asking for your password.

A new email is spreading through inboxes which claims to be Facebook asking for your password, but of course that’s not the case.

It’s one of the most common ways of distributing trojan (or other) viruses. Users who receive the email will see a message which resembles the following:

Dear user of FaceBook.

Your password is not safe!
To secure your account the password has been changed automatically.

Attached document contains a new password to your account and detailed information about new security measures.

Thank you for attention,
Administration of Facebook.

The most obvious issue with this email is that the creators of it have messed up the case in one instance of the word Facebook. Instead they call it “FaceBook.” While that’s not a major issue, it’s definitely a mistake anybody truly affiliated with the real company would probably never make.

According to Sophos security, there are a number of subject lines being used by the scammers including “Facebook. Your password has been changed! [NUMBER]”, “Facebook. The new password to your account. [NUMBER]”, and “Facebook Support. Personal data has been changed! [NUMBER]”

The primary way to protect yourself is pretty obvious: delete the email and don’t download any attachments. While this should be common sense, scammers are good at getting users to do things that go against common sense.