Colorado State University

This post is marked as Deprecated and therefore contains outdated information.

I just received this friendly reminder from ACNS regarding some new Facebook Phishing attempts that are circulating.  Please be sure to treat all strange e-mails with a dash of skeptisism and follow up on their link to “Dirty Dozen Clues To Avoid Phishing Attempts”.

“Now that we’re all back at work with driveways cleared of snow, it’s time to realize that the weather didn’t stop the spammers and phishers. While I try not to fill your inboxes with warnings about every single phishing attempt, this one is widespread enough that I thought it warranted a note.

Facebook is experiencing a fairly large-scale password-reset exploit. Spammers are sending out notices for people to reset their password, or notifying people that their password has already been changed and is attached as a document. CSU has seen some of the second version, encouraging the user to open the password attachment.

Please take this opportunity to remind your users of good email self-policing behavior:

1) Be suspicious of all attachments, even from people you know
2) Never reply to an email asking for your username and password
3) Never open an attachment that claims to contain your password