Malicious hackers have spammed out an attack that pretends to be an email from Facebook support saying that your password has been changed.
The messages, which have a variety of subject lines including “Facebook Service. A new password is sent you”, “Facebook Support. Your password has been changed” and “Facebook Service. Your account is blocked”, have a ZIP file attached which carries a Trojan horse.
Good afternoon.
A spam is sent from your Facebook account.
Your password has been changed for safety.Information regarding your account and a new password is attached to the letter.
Read this information thoroughly and change the password to complicated one.Thank you for your attention,
Facebook Service.
Sophos products detect the attached ZIP file as Mal/BredoZp-B, and the Trojan horse contained within as…
Read more in my article on the Naked Security website.
Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.