Subject:Facebook Password Reset Confirmation Customer SupportMessage: "Dear user of Facebook,Because of the measures taken to provide safety to our clients, your password has been changed. You can find your new password in attached document. Thanks, Your Facebook."
Moreover, according to Gary Warner, “The malware being delivered is called ‘BredoLab.’ It has been occasionally spread by spam since May of 2009,” Warner says. “The UAB Spam Data Mine has observed at least eight versions of the Facebook BredoLab malware since March 16.
“What is troubling is the newer versions of the BredoLab used in this latest attack campaign are not being detected by the majority of anti-virus services — and that means the majority of users who unwittingly click on the bogus attachments linked to fake e-mails are going to have their computers infected".
According to our research, BREDOLAB and ZeuS are individual tools that are freely available in the cybercriminal underground. Their uses complement each other, which is why we very often see them together.ZeuS specializes in stealing information from infected systems. BREDOLAB, on the other hand, is a software that enables cybercriminal organizations to deliver any kind of software to its victims. Once a user’s machine is infected by BREDOLAB, it will receive regular malware updates the same way it receives software updates from the user’s security vendor.