Another day, another Facebook attack

Posted by kent on November 3rd, 2009

Thanks for visiting the NextAdvisor Daily blog. You may want to subscribe to our RSS feed.

Internet security company Symantec is warning Facebook users about a pair of malicious email attacks that claim to come from Facebook. Both use similar messages, informing users they need to change their passwords. Originally Symantec reported that the emails contained trojans that connect to a Russian botnet. Now it seems there's a phishing attack that's coming along with it. The email's call to action, an update link, hits a faux-Facebook site designed to steal your password. There's also a version of the attack gained at MySpace users.

Symantec reports that the emails are using the following subject lines:

Facebook account update
New login system
Facebook Update tool

As always, if you receive an email purporting to come from an online service that you use, it's best not to follow any links in the email. Always go directly to the site by entering the url in your browser. As Symantec points out, "users need to be extra careful of suspicious attachments, especially those including a “password reset” request because legitimate websites will not send an attachment for resetting a password."

Check out our Internet security software ratings and reviews to find out how to better protect yourself from online attacks.

• Facebook phishing scams increase risk of identity theft on the popular social network
• Facebook exposes personal information of up to 80 million members
• Type carefully when looking for a free credit report
• Facebook moves to protect users in partnership with 49 states
• Malicious hack impacts 2.2 million shortened URLs