Beware of a fake email that claims to be from Facebook and asks you to open an attachment to receive a new
password. This email is potentially harmful. Delete it from your inbox. The attachment contains a password stealer that targets Windows computers and which can potentially access any username and password combination used on the computer, not just the login credentials for Facebook.
According to McAfee Labs this is the sixth most prevalent piece of malware targeting consumers.
Here are few clues that this is a phishing scam.
- Facebook doesn’t send e-mails like this. It may send an e-mail with a link where the user can reset the password, but not an e-mail with an attachment.
- The e-mail has poor grammar and awkward phrases. For instance, Facebook is not capitalized in the salutation.