# Posted: 19 Mar 2010 10:10 · Edited by: david1
It's another email scam targeting Facebook users.
ZoomBy now a good deal of web surfers are connected to a social network website in some aspect, whether its to hunt down old high-school friends or to post another silly buzz from a demanding boss. Naturally places like Facebook and MySpace are havens for hackers looking for a good pool of information to steal, throwing out lures in hopes of reeling in a really big fish.
With that said, it should come as no shock that hackers are flooding inboxes with virus-tainted spam that's targeting Facebook's over 400 million users. According to McAfee, the hackers are looking for the usual bag of goodies: your username, passwords, and whatever else they can acquire. The hook? Fake Facebook emails telling recipients that their password has been reset, and they need to click on an attachment to retrieve it.
"Once installed, the password stealer can potentially access any username and password combination utilized on that computer, not just for the user's Facebook account," McAfee said in a security alert. "This is also the sixth most prevalent piece of malware targeting consumers in the last 24 hours, as tracked by McAfee Labs."
The big no-brainer here is that Facebook would never send an attachment. McAfee even pointed out that Facebook would never send an email alerting a user that they changed his or her password. Additionally, Facebook emails wouldn't contain poor grammar and awkward phrases like "Dear user of Facebook."
Bottom line: social website users should stay alert and be wary of bogus email and friend requests from unfamiliar parties.
Source 2: link