Consumer Threat Alerts
Are you aware of the latest threats? McAfee Consumer Threat Alerts warn you about the most dangerous ...
The Facebook password reset scam affected several readers. In an effort to address the questions and comments that McAfee Labs received, they have shared some additional information and tips to help you better understand this scam.
1) I opened the Facebook scam email, but immediately closed it. How do I know if my computer is protected?
Promptly delete the Facebook scam email and run a full scan with your security software to see if you got infected just by briefly opening the email.
2) I opened the attachment in the Facebook scam email and downloaded the file. I have the most up to date McAfee security software on my computer, but is my computer still at risk of being infected?
You’ve taken the proper first step in protecting yourself against this type of cybercrime by ensuring your security software subscription is up to date. Provided that your software has also been configured correctly, meaning the software is set to auto-update itself and you have an Internet connection, you will be fully protected if you opened the attachment (by double clicking it) or tried downloading it.
If you are unsure if your security software vendor has an update for this type of malware, McAfee recommends that you check for and install any available updates, then immediately run a full scan.
3) How are cybercriminals obtaining my e-mail address so the can send the spam?
Many cybercriminals bulk purchase email addresses or simply send spam and scams to every conceivable address in email domains.
4) Is this another “Koobface” variant?
Koobface is an entirely different threat. It is a worm, a type of malware, that is distributed by URLs in social networking sites. You may find more information about the Koobface threats, in the McAfee’s Quarterly Threats Report.
5) Where can I find more technical information about the Facebook password reset scam?
McAfee Labs posted a blog on this topic as well that includes more details about this particular scam.
6) What can Facebook do to better protect its consumers?
Facebook would never send an email alerting a user that they changed his or her password. Facebook takes scams like this one very seriously and is dedicated to educating and communicating to its users with the latest threat related information. You may find additional security-related information by visiting Facebook’s Security page http://www.facebook.com/security
7) Does this type of cybercrime affect Macintosh computers? Would it run on a Mac running a Windows emulator?
This particular threat is PC-specific. If a you are running Windows in a virtualized environment then you may be at risk. Virtual PC’s need comprehensive protection just like physical PC’s.
Read the blog about the Facebook Password Reset Scam.