Millions of people are getting a spam email designed to look like it's from Facebook (complaints about Facebook), warning that the user's password has been compromised.
Graham Cluley, senior technology expert at Sophos Security, says it's just the latest Facebook scam. The email message is as follows:
Dear User of FaceBook:
Your password is not safe!
To secure your account the password has been changed automatically.
Attached document contains a new password to your account and detailed information about new security measures.
Thank you for attention,
Administration of Facebook.
"Your alarm bells should be ringing instantly when you receive this message for a number of reasons, not least that it can't decide if it's 'Facebook' or 'FaceBook,' but also because why would Facebook ever email you an attachment," Cluley writes in his blog. "And why are they being so impersonal and not using your name?"
There may be a couple of versions of the subject line for this email. One says "Facebook: Your password has been changed!" Another is "Facebook support. Personal data has been changed!"
Cluley says the purpose of the email is to is to infect your computer with Mal.Zbot-AV malware, a Trojan that falls in the spyware-virus category.
"Perhaps the easiest thing to do if you're told your Facebook password has been changed, is try to log into Facebook to see if it's true or not," Cluley writes.
And make sure you don't open the email's attachment. Simply delete the email from your inbox.