Facebook today sent out a security warning to some of its users alerting them that their passwords have been changed due to alleged suspicious activities happening on their accounts.
The email appears to be a reaction from the social network due to the newest appearance of Koobface, a worm that preys on the paranoia of users and leverages seemingly trusted redirects to infect its victims.
In the email, Facebook tells its users that they need to reset their passwords but only after running their current antivirus protection to make sure they aren't already infected. In the same breath, however, the Facebook Security Team tells its users never to click on suspicious links -- even though its own email is suspect.
The problem seems to be that users are getting so inundated with Koobface-laden messages from their friends that they are not trusting any emails that come in from the social network, and will not click on the password reset link suggested in the email.
I myself received this email and decided to go straight to Facebook -- also avoiding the link though the warning email seemed legitimate -- and my password had been reset. This forced me into doing a password reset email, which in and of itself is a security risk.
One Twitter comment I read said, "We're supposed to avoid Facebook emails but the warning email is confusing. I think it might be a trick. I'm staying out."
Kudos to Facebook for doing something... but was this the right thing to do? Regardless, it goes without saying -- don't click on strange links, don't always trust redirects and change your passwords often. Here's the full text of the email:
We have detected suspicious activity on your Facebook account and have reset your password as a security precaution. It is possible that malicious software was downloaded to your computer or that your password was stolen by a phishing website designed to look like Facebook. Please carefully follow the steps provided:
1. Run Anti-Virus Software: If your computer has been infected with a virus or with malware, you will need to run anti-virus software to remove these harmful programs and keep your information secure. For Microsoft:
2. Reset Password: Be sure that you use a complex string of numbers, letters, and punctuation marks that is at least six characters in length.
To reset your password, follow the link below:
https://firstname.lastname@example.org&cc=b23e866a833ae6&tt=1228509024 (If clicking on the link doesn't work, try copying and pasting it into your browser.)
3. Never Click Suspicious Links: It is possible that your friends could unwillingly send spam, viruses, or malware through Facebook if their accounts are infected. Do not click this material and do not run any .exe files on your computer without knowing what they are. Also, be sure to use the most current version of your browser as they contain important security warnings and protection features.
4. Log in at Facebook.com: Make sure that when you access the site, you always log in from a legitimate Facebook page with the facebook.com domain. If something looks or feels suspicious, go directly to www.facebook.com to log in.
5. Report Suspicious Activity: Please visit the following pages for further information about Facebook security and information on reporting material: http://www.facebook.com/help.php?page=420 and http://www.facebook.com/security
Once you have performed all these steps, your account should once again be secure. Please be sure to visit the Facebook Help Center for further information regarding these security issues and let us know if you need assistance.
Thanks, Facebook Security Team
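Step 4 of the email tells users to check that a login page is really on the facebook.com domain. As an added example (not part of the article or of Facebook's email), the Python below shows what that check has to cover to be reliable: it accepts only https links whose host is `facebook.com` or a subdomain of it, and rejects the look-alike forms that a casual glance misses (a host that merely starts with or contains `facebook.com`, a userinfo `@` that hides the real host, a non-ASCII homoglyph host). The function names, the `EXPECTED_DOMAIN` constant and the sample message text are assumptions constructed for this example.

```python
import re
from urllib.parse import urlsplit

# Assumption for this example: the domain the email tells users to insist on.
EXPECTED_DOMAIN = "facebook.com"

# Matches http(s) links in free text; trailing punctuation is trimmed afterwards.
_LINK_RE = re.compile(r"https?://[^\s<>\"')\]]+")


def is_legitimate_login_link(url: str, expected_domain: str = EXPECTED_DOMAIN) -> bool:
    """Return True only for an https URL whose host is expected_domain or a subdomain of it.

    Rejects plain http, userinfo tricks (https://facebook.com@other.example),
    hosts that merely contain the domain (facebook.com.other.example,
    notfacebook.com) and non-ASCII look-alike hosts.
    """
    try:
        parts = urlsplit(url.strip())
    except ValueError:
        return False  # malformed URL (e.g. bad IPv6 brackets)
    if parts.scheme.lower() != "https":
        return False
    # Anything before '@' is parsed as username/password, not as the host;
    # a genuine login link never carries userinfo.
    if parts.username is not None or parts.password is not None:
        return False
    host = parts.hostname
    if not host:
        return False
    host = host.rstrip(".").lower()
    if not host.isascii():
        return False  # homoglyph / IDN look-alike, treat as suspicious
    return host == expected_domain or host.endswith("." + expected_domain)


def audit_links(message: str, expected_domain: str = EXPECTED_DOMAIN) -> list:
    """Extract every http(s) link from a message and label it True (expected domain) or False."""
    results = []
    for match in _LINK_RE.finditer(message):
        url = match.group(0).rstrip(".,;:)")
        results.append((url, is_legitimate_login_link(url, expected_domain)))
    return results


# Constructed sample message (not a real Facebook e-mail) with one genuine-looking
# link and one look-alike link whose host only starts with facebook.com.
SAMPLE_MESSAGE = (
    "Please review http://www.facebook.com/security and then reset at "
    "https://www.facebook.com.account-reset.example/reset?id=1. "
    "Real help page: https://www.facebook.com/help.php?page=420."
)

if __name__ == "__main__":
    for url, ok in audit_links(SAMPLE_MESSAGE):
        print(("OK      " if ok else "SUSPECT ") + url)
```

The check deliberately compares the whole host, not a substring: `facebook.com.account-reset.example` and `notfacebook.com` both contain the expected text yet are different registrable domains, which is exactly the ambiguity the article's confused readers were facing.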