At MTNLCloud, we deal with a lot of phishing email attempts. It is the usual cops-and-robbers routine: the bad guys think of new tactics and we block them.

This week, we saw something that just blew us away. Last week, some of our clients received emails as follows:

At first sight, we told them to ignore such emails, as these are mostly shots in the dark. There will always be a small percentage of recipients who have something to hide and will pay up, and that alone is enough return for the phishers' effort.

However, we were shocked by the additional information customers provided:

  1. The password quoted in the email (redacted here as XXXXXXXX) was correct.
  2. The password belonged to their Facebook account.
  3. Some of them have not used their Facebook account for years.

We also found that all such emails originated from an Outlook account and were sent through the Outlook email service itself.

No service provider worth their salt stores passwords in plain text. Yet these emails quoted the correct password in plain text. This means there is a breach on the client side (say, the Facebook app) or on the server side (God forbid!).

While we are in no position to find out how or why, we thought we would post this to spread awareness.

  1. If you receive such an email, do not panic.
  2. Use a fresh computer (possibly a new one) and change your Facebook password.
  3. Never even think of paying up, whether or not you have something to hide. Phishers usually reel you in and then keep increasing the amounts. They are complete fraudsters and you can never trust their word.
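One check we would want before (and after) changing the password: find out whether the quoted password already circulates in known breach corpora, without ever sending the password itself anywhere. The snippet below is an added example, not code from this post or from MTNLCloud. It implements the k-anonymity range lookup used by Have I Been Pwned's Pwned Passwords service: only the first five hex characters of the SHA-1 hash leave your machine, and the matching is done locally against the returned list of suffixes. The `range_text` used here is a constructed sample response, not real service output, so the block runs offline; in practice you would fetch the range for `prefix` from the service and feed its body to `count_in_range`. A hit tells you the password has leaked somewhere, regardless of which site or app it leaked from.

```python
import hashlib


def split_hash(password: str) -> tuple[str, str]:
    """Return (prefix, suffix) of the uppercase SHA-1 hex digest.

    Only the 5-character prefix is ever sent to a lookup service; the
    35-character suffix stays local and is compared against the response.
    """
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def count_in_range(suffix: str, range_text: str) -> int:
    """Parse a 'SUFFIX:COUNT' range response and return the breach count
    for our suffix, or 0 if it is absent."""
    for line in range_text.splitlines():
        line = line.strip()
        if ":" not in line:
            continue  # skip blank or malformed lines
        candidate, count = line.split(":", 1)
        if candidate.upper() == suffix.upper():
            try:
                return int(count)
            except ValueError:
                return 0  # malformed count: treat as no reliable data
    return 0


def check_password(password: str, range_text: str) -> int:
    """Full local check: hash, split, and match against the range text.

    Returns how many times the password appeared in breach corpora (0 = no hit).
    """
    _prefix, suffix = split_hash(password)
    return count_in_range(suffix, range_text)


# Constructed sample response for prefix "5BAA6" (the prefix of SHA-1("password")).
# The first entry is the real suffix of "password"; the others are made-up fillers.
SAMPLE_RANGE = """\
1E4C9B93F3F0682250B6CF8331B7EE68FD8:3730471
0000000000000000000000000000000000A:2
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF:1
"""

if __name__ == "__main__":
    prefix, suffix = split_hash("password")
    print(f"query prefix sent to service: {prefix}")
    print(f"hits for 'password': {check_password('password', SAMPLE_RANGE)}")
    print(f"hits for a long unique passphrase: "
          f"{check_password('mtnl-cloud-example-passphrase-2024', SAMPLE_RANGE)}")
```

The point of the design is that the service never learns which password you are checking; it only learns a prefix shared by hundreds of other hashes. If the check returns a non-zero count, treat that password as burned everywhere it was reused, not just on Facebook.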

The implication that some third party can email you your own password is very unsettling. And the fact is that some of the users who received such emails have not used their accounts for years!

Whether or not you have received such an email, go ahead and change your Facebook password. We did!
