Cybercrooks not only use social networks to distribute malware but also as a bait in social engineering.

Facebook is one of the most popular social networks with more than 400 million users, so it’s not surprise that cybercrooks often use it in one way or another to carry out malicious actions.

In the last hours we’ve detected a wave of email messages passing themselves off as Facebook to distribute a new variant of the Trojan Bredolab, concretely Bredolab.AX.

The message is like the following:


Under the pretext of a new security measure for users, they are informed that their password has been modified and that they can check the new one in the attached document.

Actually, your password hasn’t been changed and if you run the attached file, you’ll be installing malware in your computer.

If you receive a message like this, don’t trust it and if you want to make sure that a modification has been made in your Facebook account, access the website directly typing the adress in your browser but don’t do it through attached files or links included in email messages.

By the way, this advice is valid for any online service: social networks, email, banks, shopping 😉