Filed under: Security, Social Software
Fake Facebook password-reset emails are a botnet attack
If you didn't ask to have your Facebook password reset, think twice before opening an email that looks like it's from Facebook's support team. A lot of these fake password-reset emails have been going out lately, and the attachments they contain can take over your computer and add it to the Bredolab botnet, according to ZDnet.Your first clue that these emails are sketchy is that they contain a zipped .exe file, which is a horribly insecure and inefficient way to send an account password. Although the mail looks like it comes from support@facebook.com, the address is just spoofed to fool you. The botnet behind this attack, Bredolab, is reportedly involved in some large-scale spamming and identity theft activities, so don't risk letting your computer become part of it.
[via ZDNet]
digg_url = 'http://www.downloadsquad.com/2009/11/25/the-atari-classics-are-back-and-free-to-play-asteroids-lunar-l/';
Believe it or not, Atari have just released a bunch of old games on their own website. These aren't clones, these aren't even 'loving interpretations' -- these are the real thing, remade by Atari themselves. This comes as part of a re-launch for the Atari website which includes an online store.
I warn you, if you read on, this might turn into more than just a mere ten-minute time-waster.
...
Reader Comments (Page 1 of 1)
eponer said 8:29AM on 10-29-2009
Similar attacks are going around pretending to be from Citrix / GoToMyPC
Reply
Beth Jones said 10:33AM on 10-29-2009
This shows that people are simply too trusting. Just because an email seems to come from Facebook, or Twitter or your bank doesn't make it so. If you are uncertain, you can always contact the support group of whoever seems to have sent the email and ask them to confirm the email came from them. Nine times out of ten, it won't be.
Users shouldn't be afraid to question anything that looks suspicious or even slightly dodgy that's asking for sensitive information.
Reply
Justin Shaw said 12:56PM on 10-29-2009
can we do something about this huangzhixian94 fellow? seems to be bent on terrible grammar and selling cheap crap from a dubious website.
Reply
Jack said 8:19PM on 10-29-2009
I actually got this email. So I have posted the email details such as headers and the email source on my website.
http://www.jackcola.org/blog/40-facebook-fake-password-reset-emails
Reply
vitaly726 said 10:35PM on 10-29-2009
Do you know if it can effect a Mac? I accidently opened it and now I am worried that it's on my computer.
Reply