Password stealing hackers target Facebook users

facebbok icon

Hackers have flooded the Internet with virus-tainted spam that targets Facebook’s estimated 400 million users in an effort to steal banking passwords and gather other sensitive personal  information.

According to anti-virus software maker McAfee Inc, the emails tell recipients that the passwords on their Facebook accounts have been reset, urging them to click on an attachment to obtain new login credentials . If the attachment is opened, it downloads several types of malicious software, including a program that steals passwords.

The subject line of the scam email reads: ‘Facebook Password Reset Confirmation! Customer Support.’  McAfee advised anyone receiving the password-reset message to delete it and to not open the attachment. Source

McAfee says it is a return of a virus that has been seen before and its tracking for the past 48 hours has the security company predicting the virus will affect more than 400 million Facebook users. — Beware of Facebook virus

See an example of the email here –  Facebook Password Reset Scam Threatens Computers Worldwide

  1. Have you received such an email and opened it?
  2. Has your Facebook account been hacked?
  3. If your account has been hacked what are you doing to rectify matters?

Related posts  found in this blog:
Silverlight for Facebook
WordPress.com adds Facebook to Publicize
Importing wordpress.com post snippets into a Facebook fan page
hootsuite: cross post content to multiple WordPress accounts

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to Yahoo BuzzAdd to Newsvine

26 thoughts on “Password stealing hackers target Facebook users

  1. Pingback: Password stealing hackers target Facebook users … | WizzBoom!

  2. The limiting the number of posts is not found on the page you selected, I can send you a screen shot if you like but I guess not here. I would never expected you to look something up, thought you might have access to one that works with Word Press. Success with breaking up the post, thanks so much, didn’t know how to do that. Going back and doing about ten of them that way now. Thanks for your help, I’m Jim

    • @Jim
      I made a mistake on the page. Here’s the correct one:
      Dashboard > Settings > Reading
      Blog pages show at most ___ posts
      “Save Changes”

  3. Hi timethief: It’s me Jim again. Spent most part of the day looking for a widget for word press that would actually work as shown showing the national debt, most sites have it listed, but it’s a tag word for bogus land. Can you find anything for me? Widget bank only puts a line on the blog see right hand sidebar, http://dancingczar.wordpress.com Appreciate your help, Jim

    • @Jim
      IMO your front page is miles too long necessitating readers to scroll and scroll. These are my recommendations:
      (1) start using “the more” tag to split post content into excerpts with click to read more links
      > http://en.support.wordpress.com/splitting-content/more-tag/
      (2) reduce the number of posts excerpts on the front page to no more than 5 or 6 >
      Dashboard > Settings > Reading
      Blog pages show at most ___ posts
      “Save Changes”

      When it comes to widgets you can do searches and find them all over the internet. However, we cannot use widgets that contain these codes on wordpress.com blogs > http://en.support.wordpress.com/code/ So it’s up to you to locate those widgets that do not use those codes and place them in text widgets. No, I will not do this for you.

  4. hi timethief , yes and they are taking about it on the PC site i belong to ( my link ) and i have warned all my contacts not to open it , harry

  5. i got this e-mail last week , but you are safe as long as you do not open it , btw , i don’t even have a facebook account , harry

    • @Harry,
      Hello there. It’s good to hear from you. I wouldn’t be surprised if this wretched infected email is being sent all over the place. Hopefully, some will be wise enough not to open it. McAfee the security company is predicting the virus will affect more than 400 million Facebook users.

  6. :D

    That was hilarious! It’s funny, yet makes you realize the downfalls of social networking by integrating it into real life.

    Yeah, social networking services don’t offer account deletions “to protect the integrity of our names.” Like WordPress.com’s rationalization, although I find it valid and totally adhere to it. I think in Facebook, once you delete an account, you can’t make another one. So if you already have Facebook, you’re stuck with it. Now, if you consider the positive side of this, you will realize that at least, no one else can make an account in your name and use it to defame you.

    You’re right, prior to making an account inactive, all photos and entries should be deleted. That’s what I did to my Friendster account, but I never deleted my friends.

    It all falls down on the person, anyway. If he/she can handle the hassles of social networking, well and good. Otherwise, don’t bother.

    • I laughed my sides off when I watched that video so I’m glad you enjoyed it too.

      I agree with you re: wordpress.com’s decision not to recycle deleted blog URLs. Their reasoning is sound. In that case our profile information is only available to Staff, unless we choose to provide it on our blog(s).

      Re: the positive side
      I suppose one could register an account on every social media and social networking site and forum, and then choose not to enter any profile information, but heck, I don’t have either the time or inclination to do so.

  7. This is one of the reasons why I don’t join social networking sites. I was once a member of Friendster, but after four years, I rendered it inactive. I also opened accounts in MySpace, Twitter, and Facebook, but that’s just it–I just opened accounts, I never uploaded anything on them.

    I know having social networking profiles is great for increasing blog traffic, but I really am concerned about security. Remember when Facebook and Twitter were attacked and their servers were down?

    I don’t know with you guys, but if you want to be spared the hassle, don’t create profile accounts.

    Cheers!
    Rogue|Hero

    • @RogueHero
      I did have Facebook account early on but even way back then I was concerned about privacy and security and decided to leave.

      I don’t think people realize that if you deactivate your account Facebook still has all the data that you give them on their servers even though your account is “inactive”. http://news.bbc.co.uk/1/hi/programmes/click_online/7375772.stm

      In fact most social networks do not delete accounts, so before deactivating an account at any social network I recommend: removing all photos, school history, employment history, all of the personal “About Me” profile type type information like interests, favorite movies, books, music, etc as well as hometown, country, political views, religious views, groups and all contact details. As friends of friends can see “friends” it also makes good sense to delete them all as well, prior to account deactivation.

      Here’s an amusing video: FaceBook In Reality – idiotsofants.com and BBC’sThe Wall

      • :D

        That was hilarious! It’s funny, yet makes you realize the downfalls of social networking by integrating it into real life.

        Yeah, social networking services don’t offer account deletions “to protect the integrity of our names.” Like WordPress.com’s rationalization, although I find it valid and totally adhere to it. I think in Facebook, once you delete an account, you can’t make another one. So if you already have Facebook, you’re stuck with it. Now, if you consider the positive side of this, you will realize that at least, no one else can make an account in your name and use it to defame you.

        You’re right, prior to making an account inactive, all photos and entries should be deleted. That’s what I did to my Friendster account, but I never deleted my friends.

        It all falls down on the person, anyway. If he/she can handle the hassles of social networking, well and good. Otherwise, don’t bother.

  8. I’ve been getting these emails regarding Facebook password reset emails for several months now. Of course I’ve never opened one. They get deleted right away. I try to block them but they keep switching domains. Maybe I’ll use a filter for that subject line and send to delete automatically. Yup I think I’ll do that right now.

    Fortunately I use a Linux operating system. My virus worries are almost non-existent. Irritating all the same though.

    John

    • Hi John,
      Setting up an email filter sounds like a great idea. Thanks for sharing it. From time to time I have considered switching to Linux but then chickened out. I know there must be a learning curve involved, and I’m not all that tech inclined or tech savvy.

      • Hey Timethief,

        You said, “I know there must be a learning curve involved,” and yeah there is. It kinda reminds me of when I owned an MGB. I always made sure I had a tool kit in the boot. :-)

        I switched to Ubuntu from Windows XP Pro because my computer was getting bogged down and slow despite regular cleaning and maintenance. And I was getting tired of all the virus software, and adware software, and registry tools, and, and…..

        I really like Unbuntu even though it is sometimes a challenge with certain hardware like my web cam. It is much faster operating than Windows, so my old system has an extended life because, and the security is superb because of the way it handles files and permissions. If you’re a gamer though, Linux is a bad choice.

        I am anxious to see the new operating system that Google is working on. I gather that it is a Linux/Unix based system, and so it will be secure. I also gather that they are attempting to overcome the usual problem with a Linux system by negotiating with the software and hardware companies to ensure they develop compatible versions and drivers. Should be interesting.

        Best,
        John

        • I’m not a gamer. lol :D Thanks so much for the run down on Unbuntu. I really appreciate the time you took to write about your experience because you anticipated any questions I may have asked.

    • Thanks so much for spreading the word about this. Everyone needs to update their anti-virus protection and delete any emails with the said subject line.

  9. Other than peeking in on what my friends and relatives are posting, about the only thing I do on Facebook anymore is play Fish Wrangler. But I did get infected once by clicking on a link that appeared to be part of the game. Thanks to good advise from people like you, I now have the AdBlock + add-on installed in my Firefox browser, so this isn’t as much of a problem anymore.

    I mentioned the above because I always use my own links to get to a site that I received this kind of email about. But it occurs to me that if hackers can embed malicious stuff in what looks like a legitimate link on a page I went to using my own links, then what’s to stop them from bypassing the email route altogether to do the things you warn about here?

    Any advise?

Comments are closed.