Facebook Password Reset Confirmation Email

I received this Facebook Password Reset Confirmation Email but did not open it coz I did not request for password reset from Facebook. It was sent to my other email address and not with the one I’m using for Facebook. Funny! 😀

Facebook Password Reset Confirmation Email from Facebook with attached zip file

I initially thought it has a virus. It contains attachment and the email details in the message headers did not come from Facebook email servers.

email headers

According to Mashable

Another new virus is spreading through social networks, this time, via Facebook. This one – known as Bredolab – masks itself as a “Password Reset Confirmation Email,” appears to come from Facebook, and attaches a file that purports to contain a new password.

That file is actually a trojan horse that will download a host of nasty files from the Web and infect your computer with them.

So if you didn’t ask for password confirmation, don’t dare open any password reset email especially if it has attachment. Just ignore and delete it.

Honney November 2, 2009 at 5:03 PM

I've been receiving this kind of email as well but I just ignore it. Happy Halloween, sis!
melody November 2, 2009 at 6:33 PM

naku, thanks for posting this. ang hirap ng di masyado techy sis. hehehe.
- Amor November 8, 2009 at 2:36 AM
  
  Ang dami kasi makukulit, walang magawa sa buhay kundi mang hack. Bat di na lang mag Cafe World para maging busy din sila, parang ako hehehe.
  - melody November 8, 2009 at 7:16 AM
    
    hahaha…tell me about it. may experience na ako about that dati. pero ok na ko dun, wala na sakin yun, promise!!
    
    kaya nga sana mag Cafe World na lang sila tapos invite na lang nila tayo as neighbors. bigyan ko pa sila ng gift araw araw..heheheh
Kenneth November 2, 2009 at 11:34 PM

Thanks for good tip!
oes tsetnoc November 2, 2009 at 11:59 PM

just ignore these such kind of emails
- Amor November 8, 2009 at 2:35 AM
  
  That's exactly what I do. Ignore and delete. Thanks for the visit. 🙂
  - oes tsetnoc November 8, 2009 at 11:56 AM
    
    ignore means delete because no one like useless stuff in their inbox :p
Shanker Bakshi November 3, 2009 at 11:02 PM

But my gmail has learned a lesson and blocked such mail confirming me with following :

Message left on server: "Facebook Password Reset Confirmation. Help Centre."

seems someone trying to kill facebook.
Honney November 4, 2009 at 6:51 AM

hi, sis! was here again po.
Roy November 4, 2009 at 10:15 PM

madami na rin akong nare-recieve na password reset e-mail – paypal, yahoo e-mail, minsan nga nagkaroon pa ako ng account bigla sa american express e, pinapa-reset ang password ko lol
- Amor November 8, 2009 at 2:24 AM
  
  Ay naku ako din mga kung anu-anong account na wala naman. Mga taong walang magawa sa buhay. Di na lang mag Farmville para maging busy hehe.
sernan November 5, 2009 at 9:10 AM

yes indeed, the mail you have received are spam mails containing backdoors and trojans, they trick the users or recipients that this is a legitimate mail coming from facebook since its one of the most popular social networking sites in the world.

What you did is the best way to verify if the email is legitimate or not, by looking at the email headers.

It its an email from facebook, you will see the return path and the receive:from from facebook servers like the ones below…

Return-Path: <notification+ivihu1hm@facebookmail.com>
Received: from mx-out.facebook.com (outmail010.snc1.tfbnw.net [69.63.178.169])
- Amor November 8, 2009 at 2:33 AM
  
  Hi Sernan. Thanks for your comment. I received 5 more Password Reset email a while ago. It's annoying.
  - sernan November 9, 2009 at 8:22 AM
    
    if your email is hosted in a medium-large organization and you are using the email for business, i suggest you an anti spam service for your email (contact me if you need one). if you own the mail server and its an open source, spam assassin should work but you need to do some configuration.. if its just a personal use, you might want to use outlooks junk email features, or if a webmail, just add some filtering… and if you cant do anything above, just keep on ignoring them.. they would stop in time.. or much longer time 🙂
    - Amor November 10, 2009 at 7:22 PM
      
      Thank you. My Spam assassin is turned on, pero nasa number 5 lang yung score nya. Should I make it higher? Dati may mga filtering ako but when I changed webhost nawala na, di na ulit ako naglagay. Naka enable lang Boxtrapper ko. Un na nga lang ginagawa ko, ignore and delete, pero nakakairita pa rin. 🙂
Diabetis November 5, 2009 at 3:01 PM

Good thing that I am not active at Facebook.
- Amor November 8, 2009 at 2:33 AM
  
  Good for you. I am. Mas active pa ako dun kesa sa blogospehere. 😀
Marlene November 8, 2009 at 8:44 PM

Obvious nga na spam kasi di naman naisend sa email na ginagamit mo sa FB. Pero di pa ako nakareceived nito. Teka, baka nasa ibang email ko rin, hehee.
- Amor November 10, 2009 at 7:34 PM
  
  Oo nga, pero nung una kong nakita to, sabi ko, nag password reset ba ako? Hindi naman ah. Kinabahan nga ako. Then naisip ko, nasa ibang email nga pala ako haha. Ay naku spam!