It is a well-known truth in technical circles - most successful "hacks" have as much to do with fooling users into opening a door as they do forcing their way in through that door. There is another case of that type of problem going around, this time involving Facebook.

Hackers can easily disguise an email to appear to be from any address. There are fake "Password Reset Confirmation" emails going around now that appear to be from Facebook telling you that your password has been reset and the attachment has your new login information. When you open this attachment to see your new information you are actually running a malicious program (called a Trojan Horse) that compromises your machine.

One of the first things this program does is access your user id and password combinations, including but not limited to your Facebook credentials.

These types of emails are called phishing (pronounced "fishing") scams. They try to trick you into opening a file that compromises your machine. Simple rule here is that if you do not expect an attachment, do not open it. Facebook does not send attachments, and if you get this email, it is most certainly a hoax.

Be careful!