September 21, 2010Facebook Malware Ruse
Facebook gets abused regularly in one way or another as a vehicle to get the attention of unsuspecting users. It's a popular service, so when a message purports to come from Facebook and involves passwords, recipients pay attention. Perhaps too much attention:
Subject: New Facebook password!
Dear user of facebook.
Because of the measures taken to provide safety to our clients, your password has been changed.
You can find your new password in attached document.
The attachment (named New_Password_Nr57012.zip in the copy I saw) has a very low antivirus detection rate according to VirusTotal. Coverage will certainly improve over the next hours, but in the meantime, lots of misguided trusting users will get blitzed.