Sophos security is warning of malicious email messages that appear to come Facebook. Please avoid opening any attachments. This is documented as follows:
QUOTE: Computer users are being warned to be careful about opening unsolicited email attachments, after a malicious Trojan horse was spammed out posing as a Facebook notification that the recipient is featured in a newly uploaded photograph. The emails, which pretend to come from Facebook.
Unfortunately, the attached ZIP file contains malware, designed to allow hackers to gain control over your Windows computer. Sophos products intercept the malware as Troj/Agent-XNN. Last month, experts at SophosLabs saw another malware campaign posing as a Facebook photo tag notification. On that occasion, the emails did not contain attachments but instead linked to compromised websites which aimed to attack visiting computers with the Blackhole exploit kit.
EXAMPLE OF EMAIL MESSAGE
Subject: Your friend added a new photo with you to the album
Attached file: New_Photo_With_You_on_Facebook_PHOTOID[random].zip
One of Your Friends added a new photo with you to the album.
You are receiving this email because you've been listed as a close friend.
[View photo with you in the attachment]