Thursday, March 18, 2010

Beware the new Facebook scam

There's a new Facebook scam out. On CNET's Insecurity Complex blog Elinor Mills reports on the newest Facebook Scam. First reported by McAfee on its Security Insights blog, the scam is an email claiming to be from Facebook, and that your password has been reset. All you have to do to get your new password is click on the attachment.

Yeah.

Obviously you don't want to click on the attachment or I wouldn't be bothering to post about it. Clicking on the attachment installs a "password stealer" as McAfee calls it. I don't know if it's a keylogger or something else, but it isn't limited to stealing Facebook passwords. And according to McAfee it's the 6th most common piece of malware targeting consumers. You can see an example of the scam email on the McAfee site.

Remember, clicking on unknown links and attachments in email is inviting disaster.