The Spam Diaries

News and musings about the fight against spam.
 by Edward Falk

Wednesday, October 28, 2009

Beware of "password reset" emails

I've been getting a lot of these lately, and I suspect everybody else is too. Typically, you get an email from Facebook or some other social networking site telling you that your password has been reset, and please unpack the enclosed .zip file if you want to do something about it.

Obviously, this is just a very crude attempt at propagating a virus, and I know that nobody reading this would be foolish enough to open it, but please pass the word to your more gullible friends and relatives.

Update: ZDNet is reporting that the Facebook-specific spam is coming from the Bredolab botnet.

Update: Brian Krebs at Security Fix is reporting that the fake FDIC emails telling you your bank has failed are coming from the Zeus/Zbot password-stealing Trojan.