
Beware the new Facebook password reset scam

McAfee warns of password stealer hiding in attachment that comes with an e-mail purporting to be from Facebook.

Elinor Mills Former Staff Writer
[Image: This is what the Facebook password reset scam e-mail looks like. Credit: McAfee]

If you get an e-mail that appears to be from Facebook saying the company reset your password and urging you to open an attachment, it is a scam. Repeat, it is a scam.

McAfee warned people in a blog post on Wednesday to beware of an e-mail that appears to come from Facebook urging recipients to open an attachment to get their new password.

The attachment contains a password stealer that targets Windows computers and can potentially access any username and password combination used on the computer, not just the login credentials for Facebook.

"This threat is potentially very dangerous considering that there are over 350 million Facebook users who could fall for this scam," McAfee says. "This is also the sixth most prevalent piece of malware targeting consumers in the last 24 hours, as tracked by McAfee Labs."

There are obvious clues that this is a phishing scam. For one, Facebook doesn't send e-mails like this. It may send an e-mail with a link where the user can reset the password, but not an e-mail with an attachment. Secondly, the e-mail has poor grammar and awkward phrases. For instance, Facebook is not capitalized in the salutation.

For more on phishing scams read this FAQ.

[Image: This map shows where the Facebook Reset scam is concentrated. Credit: McAfee]

Updated March 19 3:50 p.m. PDT to add that the malware targets Windows.