Following the recent fake Facebook password-reset e-mail scam, another scam has surfaced that aims to trick Facebook users into revealing their passwords and downloading a Trojan that steals financial data.

According to Fred Touchette, a senior security analyst at AppRiver, the scam works like this: a legitimate-looking Facebook notice asks recipients to provide information to help the social network update its log-in system. When the user clicks the “update” button in the e-mail, they are taken to a fake Facebook log-in page where their user name is already filled in and they are prompted for their password.

When unsuspecting victims enter their password, they are taken to a page that offers an “Update Tool”; what they actually download is the Zeus banking Trojan, which is designed to steal financial and personal data, Touchette said.

Smartphone users are said to be at the greatest risk, because the phishing e-mail mimics a genuine Facebook notification, complete with the Facebook icon, and is easily mistaken for one on a phone with the Facebook app installed.

The message is received in the e-mail in-box on the phone as well as under the Facebook notification section in the app itself, Touchette said.

AppRiver reports on its blog that its filters have captured about 6 million of the e-mails and that, at one point, the messages were arriving at a rate of 30,000 a minute, roughly 10 times the usual rate for botnet-driven e-mail runs, Touchette said.

According to the security expert, “To protect against such phishing attacks, people should be extremely cautious about clicking on links in e-mails and they can mouse over the link to see if the domain is a legitimate domain.”
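The mouse-over advice can be applied mechanically. The following Python helper is an added example, not code from the AppRiver post or from Touchette: it takes the text a link shows and the target a mouse-over reveals, and flags the tricks that make a phishing domain look “legitimate” at a glance (a trusted name pushed into a subdomain, a trusted name placed before `@` as userinfo, a lookalike or punycode host, link text that disagrees with the real target). `TRUSTED_DOMAINS`, the two-label approximation of a registrable domain and every sample link are assumptions constructed for the demo; none of the hosts is a real phishing site.

```python
"""Mouse-over check for links in a suspected phishing e-mail.

Added example (not from the AppRiver post). It applies the advice quoted
above: compare the domain the link really points to with the one the
message claims. TRUSTED_DOMAINS and every sample link are assumptions
constructed for this demo; none of the hosts is a real phishing site.
"""
from typing import List, Tuple
from urllib.parse import urlsplit

# Assumption: domains a genuine Facebook notification would link to.
TRUSTED_DOMAINS = {"facebook.com", "fb.com"}


def host_of(url: str) -> str:
    """Lower-cased host of a URL; a bare 'facebook.com/x' is treated as https."""
    if "://" not in url:
        url = "https://" + url
    return (urlsplit(url).hostname or "").lower().rstrip(".")


def registrable(host: str) -> str:
    """Approximate the registrable domain as the last two labels.

    Adequate for the .com/.net samples here; a real tool would consult
    the Public Suffix List instead.
    """
    labels = host.split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host


def check_link(visible_text: str, href: str) -> Tuple[bool, str]:
    """Judge a link the way a cautious reader would on mouse-over.

    visible_text is what the e-mail shows; href is where it really goes.
    Returns (ok, reason).
    """
    url = href if "://" in href else "https://" + href
    parts = urlsplit(url)
    if parts.scheme != "https":
        return False, f"scheme is {parts.scheme!r}, not https"
    if "@" in parts.netloc:
        # https://www.facebook.com@203.0.113.7/ : the text before '@' is
        # userinfo, so the real host is whatever follows it.
        return False, "userinfo before '@' disguises the real host"
    host = (parts.hostname or "").lower().rstrip(".")
    if not host:
        return False, "link has no host"
    if not host.isascii() or any(lbl.startswith("xn--") for lbl in host.split(".")):
        return False, "non-ASCII/punycode host may be a lookalike of a Latin name"
    shown = visible_text.strip()
    if "." in shown and " " not in shown:  # the link text itself looks like a URL/domain
        shown_host = host_of(shown)
        if shown_host and registrable(shown_host) != registrable(host):
            return False, f"text shows {shown_host!r} but target is {host!r}"
    if registrable(host) not in TRUSTED_DOMAINS:
        # Catches 'login.facebook.com.example-update.net' and 'faceb00k.com' alike:
        # the trusted name appears in the host, but it is not the registrable domain.
        return False, f"host {host!r} is not a trusted domain"
    return True, "domain matches"


# Constructed sample links, one per trick (not real URLs).
SAMPLES = [
    ("Update your account", "https://www.facebook.com/login.php"),
    ("www.facebook.com", "https://www.facebook-security-check.example/"),
    ("Update", "https://login.facebook.com.example-update.net/"),
    ("Update", "https://www.facebook.com@203.0.113.7/update/"),
    ("Update Tool", "https://faceb00k.com/login"),
    ("Update", "http://www.facebook.com/login"),
    ("Update", "https://www.xn--facebok-e1a.com/"),  # constructed punycode label
]


def audit(links=SAMPLES) -> List[Tuple[str, str, bool, str]]:
    """Run check_link over (visible_text, href) pairs."""
    return [(text, href) + check_link(text, href) for text, href in links]


if __name__ == "__main__":
    for text, href, ok, reason in audit():
        print(f"{'OK ' if ok else 'BAD'} {href:55} {reason}")
```

Only the first sample passes; each of the others is rejected for the specific trick it embodies, which is the same judgement a reader is expected to make from the domain shown in the status bar.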

Meanwhile, Facebook users should easily be able to tell that the latest scam is just that, a scam, he said. “Facebook doesn’t need all of its users to update their accounts in order for them to make changes to their site.”

He recommends that if there is any question about the legitimacy of the e-mail or the link, users should close the e-mail and go directly to the site to check for important notices to customers.

You can read more about this on the AppRiver blog.