HACKERS HAVE flooded the internet with virus-tainted spam that is targeting Facebook’s estimated 400 million users in an effort to steal banking passwords and gather other sensitive information.

The e-mails tell recipients that the passwords on their Facebook accounts have been reset, urging them to click on an attachment to obtain new login credentials, according to antivirus software maker McAfee Inc.

If the attachment is opened, it downloads several types of malicious software, including a program that steals passwords, McAfee said yesterday.

Hackers have long targeted Facebook users, sending them tainted messages via the social networking company’s internal e-mail system. With this new attack, they are using regular internet e-mail to spread their malicious software.

A Facebook spokesman said the firm could not comment on the specific case, but pointed to a status update the company posted on its website yesterday warning users about the e-mail and advising them to delete the e-mail and to warn friends about it.

McAfee estimates that hackers sent out tens of millions of spam e-mails across Europe, the United States and Asia since the campaign began on Tuesday.

Dave Marcus, McAfee’s director of malware research and communications, said he expects the hackers will succeed in infecting millions of computers.

“With Facebook as your lure, you potentially have 400 million people that can click on the attachment. If you get 10 per cent success, that’s 40 million,” he said.

The e-mail’s subject line says “Facebook password reset confirmation customer support”, according to Mr Marcus. – (Reuters)