A fake Facebook password reset email seems to be doing the rounds in the last few days. I fixed two computers today that had been infected by this particular malware. The Facebook password reset email says the following:
Subject: Facebook Password Reset Confirmation! Customer Support
Dear user of Facebook,
Because of the measures taken to provide safety to our clients, your password has been changed. You can find your new password in attached document.
Thanks,
Your Facebook.
Instead of having a fake Facebook page to collect the victims passwords (phishing), the email is sent with a malware attachment. The malware is known as “Bredolab” which is a Trojan downloader. In the two computers I repaired today, Bredolab downloaded some rogue antivirus products. However, some sites are saying that it also downloads a password stealing trojan.
If you see it onsite, Malware Bytes seems to deal with the Trojan once you kill the main executable (at least the rogue antivirus variants). Be sure to tell your clients to change their passwords after the infection has been removed as well.
Subscribe to:
Post Comments
(
Atom
)
No comments :
Post a Comment