
Facebook email spoof is the latest attempt at consumer spam

Today we see the latest spam attack sent under the guise of Facebook. This email, with the subject line “You have 1 lost message on Facebook”, suggests that your Facebook email is full and that you may have lost an email that can be recovered by clicking on the included link.

I have to admit I clicked on it myself, as it’s a very convincing lookalike, but I soon noticed the website I was being redirected to (which was NOT Facebook) and closed it fast enough to prevent an intrusion or virus attack.

Just to be sure, I checked the Message Header, which is difficult to find in Outlook 2010 as it is no longer part of the standard toolbar.

If you take a look at the Return Path in the Message Header, you will notice it is different from the email address it is supposedly sent from.

Things to look for when uncertain whether an email is legitimate are:

1) Sender Address – in this case it’s a bunch of characters with @textfacebook.com, not facebook.com.

2) Recipient Address – in this case it’s addressed to Postmaster and Abuse Reporting (postmaster@xxx.com). In my case, I don’t have this email address registered on my Facebook, therefore Facebook would never send to this address.

3) Message Header – if you can, always check the message header and look for the Return-Path.  You’d be surprised where some of these fake emails really come from!
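The three checks above can be run against a saved message header with a short script. This is an added example, not part of the original post; the sample header is constructed, and the Return-Path domain `bulk-mailer.example`, the local parts, and the registered address `me@example.org` are assumptions made for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample header modelled on the email described above.
# The Return-Path domain and all local parts are made up.
SAMPLE = """\
Return-Path: <bounce-7731@bulk-mailer.example>
From: Facebook <x9k2qv@textfacebook.com>
To: postmaster@xxx.com
Subject: You have 1 lost message on Facebook

(body omitted)
"""

def domain_of(header_value):
    """Lower-cased domain of an address header, or '' if missing or empty."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower().rstrip(".")

def is_domain_or_subdomain(domain, expected):
    # Match on a label boundary: a plain endswith("facebook.com") would
    # wrongly accept the lookalike "textfacebook.com".
    return domain == expected or domain.endswith("." + expected)

def check_message(raw, expected_domain, registered_address):
    """Return a list of (code, detail) findings for the three checks."""
    msg = message_from_string(raw)
    from_dom = domain_of(msg["From"])
    rp_dom = domain_of(msg["Return-Path"])
    _, to_addr = parseaddr(msg["To"] or "")
    findings = []
    # 1) Sender Address: is the From domain really the claimed sender's?
    if not is_domain_or_subdomain(from_dom, expected_domain):
        findings.append(("sender-domain", f"{from_dom} is not {expected_domain}"))
    # 3) Message Header: does the Return-Path domain differ from the From domain?
    if rp_dom != from_dom:
        findings.append(("return-path-mismatch", f"{rp_dom or '(none)'} vs {from_dom}"))
    # 2) Recipient Address: was it sent to the address registered with the service?
    if to_addr.lower() != registered_address.lower():
        findings.append(("unexpected-recipient", to_addr or "(none)"))
    return findings

if __name__ == "__main__":
    for code, detail in check_message(SAMPLE, "facebook.com", "me@example.org"):
        print(f"{code}: {detail}")
```

Legitimate bulk mail is often sent through a third-party mailer, so a Return-Path mismatch on its own is a reason to look closer rather than proof of a spoof; the sender-domain check is the stronger signal here.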