Phishing E-Mail on Changed Password Targets Facebook Accountholders
Security researchers at Sophos warn that e-mails carrying the Oficla Trojan are circulating, posing as notices from Facebook about new passwords. SoftPedia reported this on November 18, 2010.
Several subject lines show up in the fraudulent e-mails, such as "Facebook Service. Your account is blocked" and "Facebook Support. Your password has been changed," the security company reports. Moreover, the e-mails entice Facebook members into believing that the website is issuing them a new password to keep them safe.
The text of the e-mail isn't very well written, and its English errors should easily signal to recipients that it isn't a formal communication. Addressing the customer, it states that his Facebook account has been used to send spam and that he has therefore been issued a new password for security reasons. It says an attachment has been provided containing his account information along with the password, and suggests that the reader go through this information and subsequently reset his password. Finally, it signs off as Facebook Service, thanking the reader for his time. ConsumerAffairs.com published this on November 18, 2010.
Because of the scam e-mail, security researchers advise Internet users who receive an e-mail claiming to be from Facebook Support, and informing them of a newly changed password that can be obtained only from an attached .zip file, not to open that attachment. Rather than containing any password, the attachment drops Oficla, malware that is usually disseminated through bogus e-mails posing as messages from genuine businesses. Also called Sasfis, Oficla helps distribute other malicious programs such as bogus anti-virus software.
Meanwhile, the researchers say that password phishing campaigns have targeted Facebook users' e-mail accounts before, and malware was distributed then too. In the current campaign, however, the theme may have been taken from a recent incident in which a system vulnerability on the website resulted in the inadvertent suspension of numerous accounts.
Sophos' researchers state that Web surfers must always treat unsolicited e-mails that prompt them to view an attachment with suspicion. SecurityNews published this on November 18, 2010.
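A mail filter can apply the same advice automatically. The following Python sketch is an added example, not code from Sophos or any of the cited reports: it flags messages whose subject matches the lines quoted above and that carry a .zip attachment, and lists the archive's members without extracting them. The list of runnable extensions, the sample addresses, and the attachment and member names are assumptions constructed for the illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Subject lines quoted in the article, lower-cased for comparison.
LURE_SUBJECTS = (
    "facebook service. your account is blocked",
    "facebook support. your password has been changed",
)
# Assumption (not from the article): extensions treated as directly runnable on Windows.
RUNNABLE_EXTS = (".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".js", ".vbs")


def zip_member_names(data):
    """List file names inside a zip without extracting; [] if it is not a readable zip."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return zf.namelist()
    except zipfile.BadZipFile:
        return []


def assess(raw):
    """Return the reasons a raw e-mail message matches the reported lure."""
    msg = message_from_bytes(raw, policy=policy.default)
    reasons = []
    subject = str(msg["Subject"] or "").strip().lower()
    if any(s in subject for s in LURE_SUBJECTS):
        reasons.append("subject matches reported lure")
    for part in msg.iter_attachments():
        if (part.get_filename() or "").lower().endswith(".zip"):
            reasons.append("zip attachment")
            names = zip_member_names(part.get_payload(decode=True) or b"")
            if any(n.lower().endswith(RUNNABLE_EXTS) for n in names):
                reasons.append("runnable file inside zip")
    return reasons


def build_sample(subject, member=None):
    """Constructed test message; the zip holds placeholder bytes, not malware."""
    msg = EmailMessage()
    msg["From"] = "Facebook Support <support@example.invalid>"
    msg["To"] = "user@example.invalid"
    msg["Subject"] = subject
    msg.set_content("Your password has been changed. See the attached file.")
    if member:
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as zf:
            zf.writestr(member, b"placeholder")
        msg.add_attachment(buf.getvalue(), maintype="application",
                           subtype="zip", filename="password.zip")
    return msg.as_bytes()
```

A message that returns all three reasons is a candidate for quarantine; a lone "zip attachment" on unrelated mail is common and should not be blocked on that basis alone.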
» SPAMfighter News - 30-11-2010