If you get an e-mail that appears to be from Facebook saying the company reset your password and urging you to open an attachment, it is a scam. ...
The attachment contains a password stealer that can potentially access any username and password combination used on the computer, not just the login credentials for Facebook....
See screenshot at either of these links:
Beware the new Facebook password reset scam | InSecurity Complex - CNET News
McAfee Security Insights Blog » Blog Archive » Facebook Password Reset Scam Threatens Computers Worldwide
Edit 3-19-2010 to add additional information:
Facebook is warning its users about BredoLab malware serving campaign using the well known “Facebook Password Reset Confirmation Customer Support” social engineering theme. Facebook password reset themed malware campaign in the wild | Zero Day | ZDNet.com
According to Gary Warner, the UAB director of research in computer forensics most antivirus not detecting these computer viruses:
Cyber-criminals are using fake e-mails to target Facebook users and deliver computer viruses that were being detected only by one-third of the 42 most common anti-virus products as of noon Thursday, March 18, says a leading cyber-crime researcher at the University of Alabama at Birmingham (UAB).
New Spam Targeting Facebook Users Is Invisible to Most Virus Scans, Says UAB Expert
Edited by tork, 19 March 2010 - 06:56 AM.