It is good practice to tell someone you are going to send them an e-mail with an attachment. If we all did that, hackers wouldn’t have so much success sending e-mails with attachments.
And now, on to another point. The Avira Antivir anti-virus I use didn’t detect the malware that was inside the file, which is disturbing. The zip file is configured to aut0-execute an .exe file inside it, named Facebook_password_<random characters>.exe.
Yes, you guessed it, it’s malware and it’s NOT from Facebook.
If you get an e-mail that tells you your password has been changed and your password is in the file attached to the e-mail, it’s a virus, worm or some other form of malware intended to get control of your computer, steal your data or do something else dreadful.
After I uploaded the attachment, here’s what the Avira website shows:
We received the following archive files:
File ID | Filename | Size (Byte) | Result |
25649067 | Facebook_password…74.zip | 50.09 KB | OK |
A listing of files contained inside archives alongside their results can be found below:
File ID | Filename | Size (Byte) | Result |
25647098 | Facebook_password…74.exe | 56 KB | UNDER ANALYSIS |
Please find a detailed report concerning each individual sample below:
Filename | Result |
Facebook_password…74.exe | UNDER ANALYSIS |
The file ‘Facebook_password_35374.exe’ has been determined to be ‘UNDER ANALYSIS’.
After analysis, Avira identified this as a variant of the Sasfis Trojan, so yes, indeed it was malware and absolutely NOT a message from Facebook. They quickly drafted a new virus definition file (v7.10.06.56) and released it within 24 hours of my uploading the file to them.
1 2