Latest Facebook scam could affect millions

Password stealer
19 Mar, 2010

A new spam attack against Facebook users could lead to millions of computers being infected with a password stealing programme.

The latest scam to hit Facebook could affect millions of user, security experts are warning.

A blog post from McAfee has claimed the spamming attack, where cyber criminals are posing over email as the social network’s officials, could enable a password stealing programme to be installed on the computer.

The phishing email, addressed to "dear user of facebook", reads: "Because of the measures taken to provide safety to our clients, your password has been changed. You can find your new password in the attached document."

By clicking on the attachment in the email, the malicious programme would be installed. This in turn could take any combination of username and password used on said machine, not just the Facebook account.

“Facebook would never send an email alerting a user that they changed his or her password,” the blog post said.

“Another clue that can signal a user has received a spam email is the use of poor grammar and awkward phrases such as in the… greeting 'Dear user of facebook'."

Users who receive the spam email are advised to delete it immediately.

McAfee said a huge number of Facebook users could be affected, with it estimated that over 400 million users are signed up to the site.