Today we have seen a surge in emails pretending to be from the social networking site Facebook.
The message suggests that Facebook has modified the user’s password to enhance user safety and that the new password is in a attached document. The message looks like this:
Hey XXXXXXX ,
Because of the measures taken to provide safety to our clients, your password has been changed.
You can find your new password in attached document.
The Facebook Team.
Content-Type: application/zip; name="Facebook_details_345.zip"
Content-Disposition: attachment; filename="Facebook_details_345.zip"
The attachment is called “Facebook_details_<some number>.zip”. This attachment is malicious and should not be opened.