Facebook users in Australia and New Zealand have been targeted by an email scam containing an attachment that installs a password stealer on their computer.
Scammers send an email that appears to be from Facebook, telling recipients that their Facebook password has been reset and that they need to click on an attachment to retrieve it. The attachment, however, is a password stealer that installs when the user clicks on it. Once installed, the password stealer can potentially access any username and password combination used on that computer, not just those for the user’s Facebook account.
This threat is potentially very dangerous considering that there are over 350 million Facebook users who could fall for this scam. This is also the sixth most prevalent piece of malware targeting consumers in the last 24 hours, as tracked by McAfee Labs.
Facebook would never send an email alerting users that it had changed their password. Another clue that an email is spam is the use of poor grammar and awkward phrases, such as the greeting “Dear user of facebook.”
Facebook users in Australia and New Zealand appear to be bearing the brunt of these scam emails: statistics from McAfee on the worldwide reported distribution of this attack show a high proportion of the emails in the region.