Attachment is malicious.
A widespread phishing campaign is making the rounds that claims to be from Facebook but that actually infects victims' PCs, researchers said.
The fraudulent emails arrive with a note stating that the recipient's Facebook password was changed and they can find the new one in an attached ZIP file, said Dave Marcus, security research and communications manager at McAfee Avert Labs, in a blog post.
The attachment actually contains an assortment of malware, depending on the message, including trojans and rogue anti-virus programs, he said. The scam is global in its reach and, as of Wednesday afternoon, the malware contained in the email ranked as the sixth most prevalent global virus that McAfee was tracking.
It is possible that machines compromised with the Cutwail or Rustock botnets are delivering the spam messages, Marcus said.
Facebook Security, in a status update on its profile page, told users that the social networking site never would send a new password as part of an attachment.
"There's another spoofed email going around that claims to be from Facebook and asks you to open an attachment to receive a new password," read the update. "This email is fake. Delete if from your inbox, and warn your friends."
See original article on scmagazineus.com