Apr 27, 2010

Bogus Phishing Fake Facebook emails

Beware of the recent spate of emails posing to be from Facebook, telling you in essence that your password in your Facebook account has been changed, or that you need to do something. They either want you to click on a site or open a file. DO NOT OPEN THE ATTACHED FILE AND DO NOT CLICK ON THE LINK THEY PROVIDE.

Here's a sample of a recent email (I have gotten half a dozen). I've included the header information (absent my email and some other info) as well.

-------- Original Message --------
From: - Tue Apr 27 09:26:34 2010

X-Spam-Status: No, score=2.0 required=7.0 tests=BAYES_05,FH_HELO_EQ_D_D_D_D, HELO_DYNAMIC_IPADDR,RCVD_IN_SORBS_WEB,RDNS_DYNAMIC autolearn=no version=3.2.5
Received: (qmail 1085 invoked from network); 27 Apr 2010 01:19:29 -0500
Received: from wsip-24-249-244-66.oc.oc.cox.net (

with SMTP; 27 Apr 2010 01:19:28 -0500
Date: Mon, 26 Apr 2010 23:19:27 -0800
From: Facebook Service

Reply-To: comprisedthu7@balsamiq.com
Message-ID: <316815793.72402217762201@balsamiq.com>
To: vag@brevia.com
Subject: Facebook Password Reset Confirmation! Important Message
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----------03680084AAD97B"

Dear user of facebook,

Because of the measures taken to provide safety to our clients, your password has been changed.
You can find your new password in attached document.

Your Facebook.

No comments: