Dangerous Email!
@owlwings (43910)
Cambridge, England
October 30, 2009 2:58am CST
I just now received an email which read as follows:
[b]Hey contactnn ,
Because of the measures taken to provide safety to our clients, your password has been changed.
You can find your new password in attached document.
Thanks,
The Facebook Team.[/b]
It has an attachment that contains a virus (thank you Yahoo Mail for scanning it!)
I knew immediately that it was false because my name isn't 'contactnn' and it was sent to an email address I don't use for Facebook (in fact, it was sent to a 'catchall' address that I don't use at all!)
If you get anything similar, DO NOT believe it ... DO NOT download/click on the attachment. Your Facebook password has NOT been changed!!
Have you received something like this? (They are being sent out in the guise of a number of sites - banks, MySpace and so on). Did it concern you or worry you? Does your Mail service scan attachments for you and, if not, have you been infected by this one?
6 people like this
16 responses
@savak03 (6684)
• United States
30 Oct 09
These people will go to any lengths to cause problems. Sometimes I wonder why they bother. I have gotten those kinds of emails before but I am by nature a cynical person and don't take much at face value. As far as virus's are concerned the only time I have gotten one was when my sil was using my computer to cruise around girly sites. The first time it happened I firmly disabused him of the idea that he could use my computer for things like that. I have AVG and it scans both incoming and out going emails so not only am I safe but everyone I email is safe from me. The new version updates every 20 minutes so I'm confident that it is working as fast as the criminals are.
2 people like this
@zed_k4 (17589)
• Singapore
1 Nov 09
That's right; and all those phishing mails are really irritating..
@whiteheather39 (24403)
• United States
30 Oct 09
So far I have not received any of these emails and yes thank goodness for Yahoo scanning my incoming mail.
I am not sure if you have seen any mail when your email address is the sender???!! It goes to my scam file but I do not understand how the sender address is the same as the recipient (me) address. Any comments as to how this is possible. I have seen it every couple of days for the past week or so. It is starting to bug me!
1 person likes this
@BarBaraPrz (47265)
• St. Catharines, Ontario
30 Oct 09
I've gotten those too, the ones I've supposedly sent myself. How can we mark ourselves as being Spam??? Clever monkeys.
@flagella08 (5065)
• Philippines
30 Oct 09
hey i got that but i lost time to change my password. thank you soooo much for this post. my name was right there in the mail. how do these guys make me believe them thanks GOD i wasn't able to find time to change my password. i don't visit facebook that often. again, thanks a lot for informing us here.
1 person likes this
@owlwings (43910)
• Cambridge, England
30 Oct 09
Changing your password regularly is not a bad thing to do, especially if you get something like that. This mail could be worrying, though, because it seems to suggest that your password has been changed, so you wouldn't be able to log in to change your password!
The way it's worded it would seem to make it essential to open the attachment and many people might (indeed, almost certainly will) open the attachment without thinking.
Yahoo simply won't let me download the attachment, so I can't see what virus it contains but I'm told it's a Trojan called Bredolab: http://ub-news.com/news/trojanbredolab-virus-hitting-through-facebook-password-reset-messages/5989.html
2 people like this
@owlwings (43910)
• Cambridge, England
30 Oct 09
To be quite clear:
1) FIRST try logging into Facebook using your normal email and password. Don't panic and make sure you type your password correctly.
2) If you can log in, all is well. If not (very unlikely), then use the facility on the Facebook page to retrieve your password ... DON'T believe the email!
1 person likes this
@mysdianait (66009)
• Italy
30 Oct 09
Morning Owl!
Haven't received that one yet so thanks for the warning!
I did open something the other day but I'm not sure what it was and AVG warned me so I got rid of it immediately. It wasn't about changing passwords though and I can't remember exactly what it did say.
There is always something that we have to be wary of and with the holidays just round the corner I guess we will be getting more than usual
1 person likes this
@mysdianait (66009)
• Italy
30 Oct 09
I fear also for younger users who are not aware of these things. A friend's daughter opened a mail this afternoon and now their computer is k.o.
@cynthiann (18602)
• Jamaica
30 Oct 09
I have one of these on my pc right now. I haven't opened it as so many people are asking me to join face book but I do not have the time for anything other than Mylot. Many thanks for th warning and I am going to delete it immediate.
1 person likes this
@corrycrystal (1775)
• Malaysia
30 Oct 09
I think this is another site of password grabbers. I also received an alert last night about a website called 'FBstarter', a fake Facebook site. The domain has no connections with the original FB and once someone logs into this domain, his or her password will be in risk where it is believed that they will use this person's account to generate hoax messages.
I have found that FB has blocked this domain a few months ago. It does worry me, but I guess, it is better to change our passwords every once in a while just in case.
1 person likes this
@owlwings (43910)
• Cambridge, England
30 Oct 09
This particular one is not, I think, a phishing attack or someone who aims to get your password, though the Trojan may grab personal data and upload it - I haven't checked to see what it does yet.
I do know (from a little research) that the mail originated in Lithuania and was sent via a commercial mailing program (Mailix) located in the US. All of that information is in the full header of the mail (if you know how to look at that and what information is genuine - much of it can be 'spoofed').
The last one I had like this (which wasn't about Facebook) originated in S. Korea.
1 person likes this
@owlwings (43910)
• Cambridge, England
31 Oct 09
This mail was NOT from Facebook (though it appeared to be at first glance). I agree that some apps have been found to contain viruses, spyware and trojans but Facebook are very hot on that and, as soon as one is discovered and reported, they do their best to remove it. In fact, that is not too big a problem.
The other thing, of course, is that one needs to be careful about who one accepts as a 'friend' - just as one does with MySpace, Twitter or any other social networking site. 'Friends' can send each other private messages and much more, including links to unsafe sites.
The message I am talking about actually has nothing to do with Facebook. I have received the same virus/trojan as an attachment to a mail about an 'undeliverable' package from DHL. (Of course, that had nothing to do with DHL, either - it was sent from Korea).
@zed_k4 (17589)
• Singapore
1 Nov 09
I have a friend warning me about this on Facebook but I didn't know the exact details. Now that I've seen it from your discussion here, I get a better idea. That's a real bummer; I don't know if it's linked, but my Facebook loadings from one application to the other were quite slow. And things are going blank by loads; and I had to refresh most times.
@owlwings (43910)
• Cambridge, England
3 Nov 09
I don't think there was any connection with Facebook at all. I have had certain Facebook applications run very slowly or give an error recently, too. That is almost certainly a problem with the applications and not Facebook. Some of the newer applications are finding that they are more popular than they had bargained for and it's a simple bandwidth problem!
This mail simply used the name ... and people's anxiety. I have had the same thing (a zipped trojan as an attachment) with mails that seemed to be about an undelivered parcel from DHL.
@jazzsue58 (2666)
•
30 Oct 09
I got one a while back from "PayPal" - telling me an amount was about to go out of my account and to log in so they could verify it was legit. I fell for it, right to the moment when, having given my bank details, I was asked to supply my PIN ...
1 person likes this
@owlwings (43910)
• Cambridge, England
3 Nov 09
I have seen the same thing attached to a message that says that one has a DHL parcel that couldn't be delivered. These people find any excuse to make you feel that opening the attachment is important and urgent.
Fortunately, Yahoo will not let you open or download the attachment but other mail clients may do. Always be very wary of opening attachments that you weren't expecting and (if you are tempted to do so) download them and scan them with a good antivirus before you even think of opening them!
@PeacefulWmn9 (10420)
• United States
30 Oct 09
People new to the internet are most apt to believe this kind of e-mail is accurate and act upon it. Always a mistake. Most reputable social sites make it clear that they will never ever ask you for your password or personal info, etc. I have received these off and on through the years, and now know not to respond. Since I'd read the guidelines of sites to which I belong, I didn't even open them in my first days online.
You've offered some valuable advice. Everyone should have a virus scanner for e-mail, as well as their entire computer.
Karen
@owlwings (43910)
• Cambridge, England
31 Oct 09
With the number of genuine, free and good antivirus and firewall programs there are available, I am astounded that many people still don't have AV or a proper firewall.
I suppose that, however much we provide guard rails, crossing lights and repeated warnings and training, there will always be those who never look when crossing the road and, inevitably, get hurt!
Perhaps we need an Internet Driving Licence which everyone has to take before they can sign up for an Internet connection!
1 person likes this
@owlwings (43910)
• Cambridge, England
3 Nov 09
We could have great fun creating an "Internet Drivers' Licence" and I think many people would benefit!
For some years I was involved in delivering the European Computer Driving Licence (ECDL) program which tested people's ability in basic use of computers and very basic Internet usage though the main object was to familiarise people with (MS) Office applications. It was really quite a simple set of seven modules which most people would achieve in three or four weeks (depending on their ability and the time spent). Although most students found it quite stressful ('exams' are stressful just because they are exams to many people), the relief, pride and sense of achievement I watched people experience told me that it was well worth it for them ... and made it very rewarding for me!
The ECDL/ICDL Certificate is recognised widely and is a good qualification to have if one is ever looking for work in almost any industry. I think that the US has a similar qualification and tends to ignore the International one!
1 person likes this
@PeacefulWmn9 (10420)
• United States
31 Oct 09
An Internet Driver's License...I love the idea. But would everyone, even then, fasten their AV seat belts???
Those who ignore such things, even when educated about them, do so at their own peril. Sad.
Karen
@Sandra1952 (6047)
• Spain
3 Nov 09
Hello, Owlwings. I haven't received this particular one, but I have received others purporting to come from my bank, credit card, Ebay snd so on. I never respond to any of them, as the big giveaway is they don't use your user name. Legitimate emails always address you by your user name or correct title. I usually forward them to the institutions they claim to represent, in the hope that some of these nasty people will get caught.
@nengracia (66)
• Philippines
11 Nov 09
Haven't received any email like this. Obviously, this is a virus and if I ever get one of these sort, I delete it quicker than the fastest draw! Hah!
@BarBaraPrz (47265)
• St. Catharines, Ontario
30 Oct 09
I haven't received that particular one, but I do get similar ones from time to time. The one I get most often is one purporting to be from PayPal... those I just forward to spoof@paypal.com, for which they thank me.
@triplejazzm51 (1373)
• Philippines
30 Oct 09
Hi! i have'nt recieved and email like this yet. I hope they wont send me one. But if they will, at least i knew already what to do. Thanks a lot for the warning. [em]