If you’re one of the more than 400 million Facebook users, you generally receive e-mail notifications when friends write on walls, comment on posts or send inbox messages. Unfortunately, a new phishing scam is threatening the safety of your computer and identity. An e-mail labeled, “Facebook Password Confirmation! Customer Support,” has surfaced to notify users of a password change. The message states:

“Dear user of facebook,

Because of the measures taken to provide safety to our clients, your password has been changed. You can find your new password in attached document.

Thanks,

Your Facebook.”

The e-mail comes with an attachment and prompts you to open it to receive your newly reset password. The attachment actually contains malware that not only steals your Facebook password, but other user names and passwords from your computer. At first glance, the e-mail appears legitimate. But, a closer look reveals the following red flags:

• Facebook isn’t capitalized.

• It contains grammatical mistakes.

• Facebook doesn’t send e-mail attachments, only links.

The Better Business Bureau offers these tips to help you avoid phishing scams:

• Facebook and other reputable companies won’t send unsolicited passwords or change or reset them automatically.

• Beware of messages directing you to other Web sites via hyperlinks.

• Never click on links or download attachments from unsolicited e-mails.

• Make sure your computer’s updated with anti-virus and firewall software.

• Familiarize yourself with security and privacy settings and adjust them accordingly.

• Verify password resets or account changes directly with the company.

Visit www.bbb.org or call (937) 222-5825 or (800) 776-5301.

John North is president and CEO of the Better Business Bureau.