Is Facebook sending out cancellation requests asking you to confirm whether or not you REALLY want to cut ties with your Facebook account?No, but cybercrooks definitely are.
Not only that, but they’ve taken the time to make sure the email has the best chance of fooling people too.
The email, titled “Account Cancellation Request” appears to come from Facebook (noreply@facemail.com), which is very close to the legitimate “noreply@facebookmail.com” email address used to send out official Facebook notification emails.
And although the email doesn’t link to an official Facebook page, it DOES link to a (malicious) third-party application on Facebook. That means the email links will point to "facebook.com." Clever, clever.
Here’s the email:
From: Facebook (noreply@facemail.com)
Subject: Account Cancellation Request
Hi [EMAIL],
We are sending you this email to inform you that we have received an account cancellation request from you. Please follow the link below to confirm or cancel this request.
Thanks,
The Facebook Team
To confirm or cancel this request, follow the link below:
click here
If you don’t want to receive these emails from Facebook in the future, please click unsubscribe. Facebook, Inc. Attention: Department 415 P.O Box 10005 Palo Alto CA 94303
Should you decide to click on the link within the email, you would be taken to the third-party Facebook app, which will nag you about downloading an unknown Java applet – which you should NOT do under any circumstances.
Screenshot Credit: Sophos
If you do make the mistake of allowing the Java applet to run, you will see a message telling you that Adobe Flash must be updated, which is a common ploy used in malware attacks.
…Which is exactly what this is.
Surprise! That's no Adobe Flash update, but malware that Sophos detects as Mal/SpyEye-B and Troj/Agent-WHZ.
How You Can Protect Yourself From This Attack?
Incase you were wondering: no, you do not receive an email similar to the one used in this attack if you attempt to deactivate your Facebook account.
When you deactivate your Facebook account, you will only receive an email confirming that it’s already been completed. Here is the real email sent by Facebook:
From: Facebook (noreply@facebookmail.com)
Subject: You have deactivated your Facebook account
Hi [NAME],
You have deactivated your Facebook account. You can reactivate your account at any time by logging into Facebook using your old login email and password. You will be able to use the site like you used to.
Thanks,
The Facebook Team
To reactivate, follow the link below:
http://www.facebook.com/home.php
This message was sent to neverthoughti@yahoo.com. If you don't want to receive these emails from Facebook in the future, please click: unsubscribe.
Facebook, Inc. Attention: Department 415 P.O Box 10005 Palo Alto CA 94303
Since that’s been cleared up, here are some other tips to stay safe:
- Always run antivirus software and be sure to keep the virus definitions up-to-date.
- Apply operating system and software updates as they’re released – just make sure you download the updates from trusted sources and not random email links. ;)
- Try to avoid clicking links within emails if possible. Type the URL directly into your browser web address bar instead.
How to Report the Email to Facebook
If you receive a copy of this email, you can report it by visiting this Facebook Help Center article and clicking the "let us know" link at the bottom.
[via Sophos]
Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+
Yes I also agree on thoughts and thanks by the way and I want to share my words with all of you. Now you can make fake email ID using your real email ID and now do not need to tell anyone you primary Email ID anonymous email for facebook
ReplyDelete