Cybercrooks not only use social networks to distribute malware but also as a bait in social engineering.
Facebook is one of the most popular social networks with more than 400 million users, so itâ€™s not surprise that cybercrooks often use it in one way or another to carry out malicious actions.
In the last hours weâ€™ve detected a wave of email messages passing themselves off as Facebook to distribute a new variant of the Trojan Bredolab, concretely Bredolab.AX.
The message is like the following:
Under the pretext of a new security measure for users, they are informed that their password has been modified and that they can check the new one in the attached document.
Actually, your password hasnâ€™t been changed and if you run the attached file, youâ€™ll be installing malware in your computer.
If you receive a message like this, donâ€™t trust it and if you want to make sure that a modification has been made in your Facebook account, access the website directly typing the adress in your browser but donâ€™t do it through attached files or links included in email messages.
By the way, this advice is valid for any online service: social networks, email, banks, shopping 😉