November 05, 2009Facebook, Part Two
Earlier today we had a Facebook phishing scam to capture login credentials. Now Facebook is being abused as a way to get spam recipients to install a Trojan:
From: "Facebook Support" <firstname.lastname@example.org>
Subject: Facebook Password Reset Confirmation.Support Message.
Hey [removed] ,
Because of the measures taken to provide safety to our clients, your password has been changed.
You can find your new password in attached document.
The attachment is a file named Facebook_Details_11c97.zip. Unfortunately, VirusTotal shows only 5% recognition by antivirus products.Posted on November 05, 2009 at 10:30 PM