Facebook Password Reset Confirmation! Your Support.
E-mail Attachment Delivers Virus – Old Tricks Die Hard
I got another e-mail from “Facebook support”. This one tells me that my password has been reset, and my new password is contained in the attached Zip file.
[update: I just got two more. This time from “Facebook Networks”, and “Facebook Messages”.]
“Dear user of facebook,
Because of the measures taken to provide safety to our clients, your password has been changed.
You can find your new password in attached document.Thanks,
Your Facebook.”
According to Sophos, the malware inside the .zip is: Malware: Mal/TibsPk-A
“About this threat:
Mal/TibsPk-A is a malicious program that contains highly obfuscated code that has been encrypted and compressed. This program typically arrives in the form of a hoax email with an accompanying file attachment.
This program tends to:
- Harvest information
- Download code from the internet
- Open a backdoor allowing a remote intruder to gain access
- Sell fake anti-virus/security related products” (see, Your Computer Is Lying To You… The Epidemic Of Rogues)
Short version: open it and you’re thoroughly hosed.
Sophos continues..
“Fake package delivery or password reset messages trick users
This week, Mal/TibsPk-A arrived as an email attachment in a variety of ways. A typical email containing this malware can be one of the following formats:
Subject: Facebook Password Reset Confirmation! Customer Support.
Attached file: Facebook_password_<random characters>.zip
Subject: DHL Office. Please get your parcel
Attached file: DHL_Label_<random characters>.zip
Subject: Amazon Shop! Your order has been paid! Parcel NR.5014.
Attached file: Postal_label_<random characters>.zip”
two more attacks - same day
I cannot stress enough to you, Dear Reader, that cybercrime is a bigger industry than the illegal drug trade, and they are stealing billions every year. Why not? All it takes is one wrong click!
Don’t be a victim. Exercise “paranoid common sense” when online. This is just one “for instance”.. sent to tens, maybe hundreds, of thousands of e-mail addresses (I never have signed up for Facebook).
Oh, .. and visiting here regularly can help.
Unrelated: Do you like free software? Own a laptop? See my current software license giveaway: Software License Giveaway Drawing. Entering is easy.
Copyright 2007-2010 © Tech Paul. All Rights Reserved. 
post to jaanix.
>> Folks, don’t miss an article! To get Tech – for Everyone articles delivered to your e-mail Inbox, click here, or to subscribe in your RSS reader, click here. <<
| Share this post : |  |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
• About Tech Paul
I am a Retired computer & network technician. I used to think the machines were pretty cool. Now I don’t.
They’re anything but.
I regularly posted how-to’s and tricks & tips and general computing advice here starting in 2007. (Use the Search tool to find answers. But be aware, many are rather dated.) Sometimes I answered (your) specific questions in an article if I believed the answer was generally helpful to “everyone”. All the writing you see was my own, typos and all. There always is/was an implied “IMHO” in what you see here.
Note: You are responsible for using this blog and its content. I am in no way liable for any losses caused by user error, viruses and/or other malware, hardware or software failure, or any other conceivable reason.
-
Say "thank you!" Buy Tech Paul a cup of coffee (and keep T4E ad free).
-
-
McAfee® Cybersafety Resource Portal, an online help center designed to assist victims of computer crime and provide information on how to avoid becoming a victim.
-
Subscribe to Tech--for Everyone by EmailRecent Comments
-
-
-
-
Also:
-
-
Tech - for Everyone 