So this was on yahoo this morning. It's been there since Wednesday but I'm lazy and just noticed it today.
Wed Mar 17, 11:45 PM
WASHINGTON (AFP) - Computer hackers are targeting Facebook users with an email scam that attempts to steal their passwords, Web security firm McAfee said.
McAfee said on Wednesday some users of the world's most popular social networking site were receiving emails that appeared to be from Facebook informing them their Facebook password had been reset and to click on an attachment to retrieve it.
The security firm said the attachment is actually a "password stealer" that is installed when a user clicks on it and can potentially access any username and password combination on that computer, not Facebook-related information.
"This threat is potentially very dangerous considering that there are over 350 million Facebook users who could fall for this scam," McAfee said in a statement.
The subject line of the scam email reads: "Facebook Password Reset Confirmation! Customer Support."
McAfee advised anyone receiving the password-reset message to delete it and to not open the attachment.
Because of its huge membership, Facebook is a frequent target of computer hackers seeking to steal passwords.
In its 2010 Threat Predictions report released in December, McAfee said email "was increasing in popularity as the preferred method for targeting attacks against individual users, corporations and government institutions."