29th October 2014
SCAMwatch is warning Facebook subscribers about a hoax email they may receive under the guise of a password reset email.
Ignore this email and delete it immediately—it is being used to spread virulent malicious software onto the computers of Facebook subscribers.
SCAMwatch has been advised that the scam email enters inboxes looking as though it is an auto-generated email from the Facebook Team. It announces to subscribers that as a security measure their password has been changed and that this needs to be confirmed. Attached to the scam email are two documents with file names beginning with ‘facebook_password’ that are supposed to include the new password.
SCAMwatch warns you not to open these attachments. If you do, you will activate a very nasty Trojan or malicious software calledtheBredolab Trojanand your computer will be taken over for use by the scammers at their will.
The Bredolab Trojan will also open your computer up to all manner of other malicious software, including one that will begin to generate spam. It has been reported that this particular Trojan is able to trick firewalls and hide itself in computer systems to avoid detection.
If you think your Facebook account has been compromised, refer to the Facebook Help Centre, which provides information on how to deal with a hacked account.