Facebook password scam email


SCAMwatch is warning Facebook subscribers about a hoax email they may receive under the guise of a password reset email.

Ignore this email and delete it immediately—it is being used to spread virulent malicious software onto the computers of Facebook subscribers.

SCAMwatch has been advised that the scam email enters inboxes looking as though it is an auto-generated email from the Facebook Team. It announces to subscribers that as a security measure their password has been changed and that this needs to be confirmed. Attached to the scam email are two documents with file names beginning with 'facebook_password' that are supposed to include the new password.

SCAMwatch warns you not to open these attachments. If you do, you will activate a very nasty Trojan or malicious software called the Bredolab Trojan and your computer will be taken over for use by the scammers at their will.

The Bredolab Trojan will also open your computer up to all manner of other malicious software, including one that will begin to generate spam. It has been reported that this particular Trojan is able to trick firewalls and hide itself in computer systems to avoid detection.

Protect yourself

  • NEVER open attachments or click on links in unsolicited emails.
  • If the email appears to come from a provider you know, check its authenticity with them. Do this through a separate contact source such as the website’s own contact email, which can be accessed by going to the provider's website via your own favourites list or a search engine.
  • NEVER follow the link or use the contact details in an unsolicited email.
  • Most reputable businesses do not ask for personal details via emails. It is also very unlikely that they will change your password without your prior consent.
  • NEVER provide personal information to someone you do not know or trust.
  • Ensure that all computers have up-to-date protection from viruses and other malware, plus a good firewall.
  • If you notice that your computer is behaving oddly (such as processing too slowly or you receive abusive emails from people who are being spammed from your email accounts), your computer may be infected. Some malicious software, such as the Bredolab Trojan, can be difficult to remove and you may need assistance from a computer/IT specialist.

If you think your Facebook account has been compromised, refer to the Facebook Help Centre, which provides information on how to deal with a hacked account.


Visit the 'report a scam' page on SCAMwatch.

Report spam to ACMA via the spam link on its website, www.acma.gov.au.

More information

Explore SCAMwatch to find out more about phishing scams or download our phishing scams fact sheet. [factsheet no longer available]

Read more

Identity theft is a type of fraud that involves using someone else's identity to steal money or gain other benefits.

Phishing scams are attempts by scammers to trick you into giving out your personal information such as your bank account numbers, passwords and credit card numbers.