Wednesday, June 13, 2012

Is That Email Really from Facebook? Fake Notification Emails Spotted

Be sure that you look first before clicking when checking out links embedded in emails purporting to be from Facebook.

Otherwise, Sophos warns that you may find your browser loading a pharmaceutical website, phishing site, or worse – a malicious site looking to download malware onto your PC.

Unsurprisingly, the miscreants behind the fraudulent Facebook emails have put in the time to give their spam messages the best chance of fooling users, although there are always ways to tell them apart.

Here’s a fake Facebook notification email:

Image: Fake Facebook Email (Image Credit: Sophos)

From: Facebook (
Subject: You have notifications pending

Here’s some activity you have missed on Facebook.
4 friend request

[Go to Facebook] [See All Notifications]

This message was sent to [EMAIL]. If you don’t want to receive these emails from Facebook in the future, please click: unsubscribe.
Facebook, Inc. Attention: Department 415 P.O. Box 10005 Palo Alto CA 94303

How to Spot a Fake Facebook Notification Email

The last thing we would ever want to do is give a spammer the satisfaction of knowing that they’ve successfully tricked us by clicking on a link within their email, right?

As it turns out, I happen to have a legitimate Facebook notification email sitting in my inbox, so I can offer some tips on how to tell the real from the fake:

Image: Real Facebook Notification Email

  • Authentic Facebook notification emails will address you by name in the subject line. Example: “Marquisa, you have notifications pending.” Fake notification email subject lines read “You have notifications pending” since the spammer does not have your name, only your email address.

  • Inside, real Facebook notification emails will also greet you by name, “Hi Marquisa” versus the impersonal “Hi” used in bogus emails.

  • Legitimate emails are a tad less presumptuous as to whether or not you’re actually out of the loop, reading “Here’s some activity you may have missed on Facebook” as opposed to the fake notification flat-out stating, “Here’s some activity you have missed on Facebook.”

  • Links within real Facebook notices point to a page on the domain, but spam emails typically link to third-party sites.  (Note: There are exceptions to this rule.)

  • Depending on your Facebook account settings there may be an additional line at the bottom of the email that reads something like this: “You are only receiving important updates and summary emails instead of individual notification emails. You can turn individual email notifications back on at any time.” Of course, this line may vary depending on your specific preferences, but you get the gist of it.
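The name, greeting and link checks from the list above can be applied to a raw message automatically. This is an added example, not code from the original post, Facebook or Sophos; it assumes facebook.com is the domain meant by the link rule, and the function names and the sample message are constructed for illustration.

```python
from email import message_from_string, policy
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: facebook.com is where real notification links point. The post notes
# exceptions exist, so extend this set rather than loosening the match.
TRUSTED_DOMAINS = frozenset({"facebook.com"})

class HrefCollector(HTMLParser):  # collects the href of every <a> tag
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href")
        if tag == "a" and href:
            self.hrefs.append(href)

def host_is_trusted(url, trusted=TRUSTED_DOMAINS):
    """True only if the URL's host is a trusted domain or a subdomain of one."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    # Match on label boundaries so "facebook.com.example.net" and
    # "notfacebook.com" fail where a substring test would pass them.
    return parts.scheme in ("http", "https") and any(
        host == d or host.endswith("." + d) for d in trusted)

def review_notification(raw, first_name):
    """Return warnings for the signs listed above; an empty list means none fired."""
    msg = message_from_string(raw, policy=policy.default)
    part = msg.get_body(preferencelist=("html", "plain"))
    body = part.get_content() if part else ""
    warnings = []
    if first_name.lower() not in str(msg["Subject"] or "").lower():
        warnings.append("subject line does not address you by name")
    if f"hi {first_name}".lower() not in body.lower():
        warnings.append("greeting does not address you by name")
    collector = HrefCollector()
    collector.feed(body)
    warnings += [f"link leaves trusted domain: {h}"
                 for h in collector.hrefs if not host_is_trusted(h)]
    return warnings

# Constructed sample modelled on the fake notification quoted in the post.
SAMPLE_FAKE = (
    "From: Facebook <notify@example.net>\nSubject: You have notifications pending\n"
    "Content-Type: text/html; charset=utf-8\n\n<p>Hi,</p>"
    '<a href="http://facebook.com.login.example.net/n">Go to Facebook</a> '
    '<a href="https://www.facebook.com/n">See All Notifications</a>\n')
print(review_notification(SAMPLE_FAKE, "Marquisa"))
```

A link that passes the domain check can still be part of a fake message, so treat an empty warning list as "nothing obvious" rather than proof the email is genuine.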

What to Do with Fake Facebook Emails

If you receive a fake Facebook email notification, it’s recommended that you:

  • Avoid clicking on any links.

  • Mark the email as ‘Spam’ in your email client.

  • Report the email to Facebook.

  • Delete the email immediately.
