
How to Recognize Fake Facebook Emails

In a previous post, we showed you how to cut down or eliminate email notifications from Facebook. That article is here: Stop Facebook Email Notifications. Today, we’re going to show you how to recognize fake emails that seem to originate with Facebook. These emails can be spam, or they can be what are called phishing attempts. Phishing is the act of stealing personal information, such as passwords and log-in information, through various devious tricks, usually in email form.

What to look for: 

Facebook usually uses your name in the subject line. Here’s an example:

Photo of Fake Facebook Emails  1
Four emails. Three are real, one is not.

In this photo, we can pick out two real Facebook emails immediately. Why? They used the real name of the person they were sent to, that’s why. That leaves two suspicious emails. Let’s see if we can determine which of these are real.

Photo of Fake Facebook Emails  2
This email has a username in the subject line AND it comes from facebookmail.com.

When we hover our mouse over one of the two real emails, we see that it really does come from ‘facebookmail.com’. Let’s see where the others come from. Resting our mouse over the one with ‘Gina’ in the subject line we see this:

Photo of Fake Facebook Emails  3
First, we don’t know anyone named Gina. Second, check out the email source.

What on earth is ‘8kEyhjIP.com’? Obviously a spoofed email address from a non-existent dot com site. That leaves one email that may or may not be from Facebook. It doesn’t have a username in the subject line. Again, hover your mouse over the email to see this:

Photo of Fake Facebook Emails  4
Although there is no username in the subject line, we know this is from Facebook.

Now, we can’t generalize here. Just as the phishing email had spoofed an address, the photo above shows what could also be a spoofed address. We’re pretty sure it isn’t, but let’s open it, just in case.

Photo of Fake Facebook Emails  5
Well, turns out that this is really from Facebook because it has the user’s name in it.

What’s in the phishing email? Let’s see.

Photo of Fake Facebook Emails  6
A link to a Russian dating site…maybe. Two other phishing links at the bottom.

When you see something like this, delete it immediately. It’s not the ‘intimatehotdating’ link that is dangerous. That link may or may not be real, but the two links at the bottom are very devious. See the ‘.php’ at the end of each link? That’s the giveaway. Should you happen to click on either one, we suspect that some kind of script would run. If you are logged in to your Facebook account, we assume that your credentials could be snagged. We also suspect that these links lead to sites which may install something akin to a trojan that would send the same message to everyone on your contact list.

The solution to all of this is fairly simple. Turn off all of your Facebook notifications. That way, you’ll know immediately that any Facebook emails that you receive are fake. If you are a regular Facebook user, you’re probably on your account almost every day. There’s no need to be hounded by emails about every little thing that you or your friends do there.
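
The sender check done above by hovering over each email can also be run against the raw message; this is an added example, not part of the original post. It goes one step beyond the post by also reading the Authentication-Results header, since a facebookmail.com address can itself be spoofed. The receiving server name mx.example.net, the local parts of the addresses and the sample messages are constructed assumptions.

```python
from email import message_from_string
from email.utils import parseaddr

TRUSTED = "facebookmail.com"  # sender domain named in the post
RECEIVER = "mx.example.net"   # assumption: hostname of your own mail server

# Constructed sample messages (not taken from the post's screenshots).
REAL = """From: Facebook <notification@facebookmail.com>
Authentication-Results: mx.example.net; dmarc=pass header.from=facebookmail.com
Subject: You have a new notification

body
"""
SPOOFED = """From: Facebook <notification@facebookmail.com>
Authentication-Results: mx.example.net; dmarc=fail header.from=facebookmail.com
Authentication-Results: mail.sender.example; dmarc=pass header.from=facebookmail.com
Subject: Gina sent you a message

body
"""
FAKE = "From: Facebook <gina@8kEyhjIP.com>\nSubject: Gina sent you a message\n\nbody\n"


def sender_domain(msg):
    """Domain of the From address, ignoring the display name."""
    _, addr = parseaddr(msg.get("From", ""))
    return addr.rpartition("@")[2].lower()


def dmarc_passed(msg, domain):
    """True only if our own server recorded dmarc=pass for this From domain."""
    for raw in msg.get_all("Authentication-Results", []):
        parts = [" ".join(p.split()).lower() for p in raw.split(";")]
        if parts[0] != RECEIVER:
            continue  # header written by another host; a sender can forge it
        for p in parts[1:]:
            if p.startswith("dmarc=pass") and f"header.from={domain}" in p.split():
                return True
    return False


def classify(raw_email):
    """Return 'fake', 'unverified' (right domain, no proof) or 'authenticated'."""
    msg = message_from_string(raw_email)
    domain = sender_domain(msg)
    if domain != TRUSTED and not domain.endswith("." + TRUSTED):
        return "fake"
    return "authenticated" if dmarc_passed(msg, domain) else "unverified"
```

An "unverified" result is the case the post warns about: the address reads facebookmail.com, but nothing from your own mail server confirms it.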
