Facebook password scam circulates online

The Tech Herald covers a new Facebook scam that was recently distributed through spam email. The spam email asks appear to come from the Facebook Support Group and ask the user to download an attachment to change their password. In reality, the attachment is malware and makes the victim's computer part of the Bredolab botnet.

"'This spam email attack is designed to play on the subject at the forefront of users minds – their password security. Falling for this scam could lead to the unsuspecting user becoming part of a botnet. With the recent hack of Web email accounts, users would feel more compelled to open an attachment that purports to hold their new password, as they’d be worried who changed it in the first place,' said Carl Leonard, Websense Security Labs Manager."
Steve Ragan of the Tech Herald advises users to be weary of such scams and further mentions that Facebook wouldn't e-mail a ZIP file, let alone even have to notify a person in order to take any administrative action as "they can do so without you even knowing until you next sign on." Click here for the full article.