How to Spot A Phishing Facebook Mail

I recently received a phishing mail whose sender address was at "facebookmail.com". The phishing mail looks exactly like a real notification email from Facebook, and had I not been careful, I would have clicked the link and given away my Facebook login name and password.

Here are screenshots of the original and the phishing mail:

facebook-real-email
Real notification email from Facebook
facebook-malware-email
Phishing email from fake facebook address

Both emails look almost exactly the same. Here is how you can tell the phishing email from the real one.

1. Subject of the email – I have several Facebook accounts signed up with different email addresses, and never have I received an email from Facebook about a "notification pending". Facebook will not email you about pending notifications and ask you to log in to your account.

2. Reply-to email address is wrong – Did you notice that the From and Reply-to addresses are the same? In the real mail, the Reply-to field is "noreply@facebookmail.com", which means you shouldn't reply to the mail. Bear in mind that the From address itself proves nothing: it is trivially forged, which is exactly why this mail could show "facebookmail.com". The SPF/DKIM results your own mail provider records in the message headers are a far better indicator of where the mail really came from.

3. No name personalization – If you look closely, the original email from Facebook starts with "Hi Damien", while the phishing email starts with just "Hi".

4. Content of the email – I log in to Facebook at least once every day, so it is not true that "You haven't been back to Facebook recently". In addition, I have more than 3 pending friend requests, so the content is simply wrong.

5. Link not pointing to Facebook.com – The last and most obvious clue: when you hover your mouse over the link, it does not point to Facebook.com. Instead it points to "buildyourvision.com". I never knew that Facebook was related to buildyourvision…

facebook-wrong-link
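As an added example (not part of the original post, and not Facebook's or Gmail's code), here is a small Python script that applies clues 2, 3 and 5 mechanically to a raw message: it compares From and Reply-To, checks whether the greeting carries a name, and resolves every link to its real host instead of trusting the visible link text. It also reads the receiving server's Authentication-Results header, because a forged From address usually fails SPF or DKIM even when it reads "facebookmail.com". The two sample messages, the example.com addresses and the buildyourvision.com path are constructed for the demonstration.

```python
"""Heuristic checks for a Facebook-style notification e-mail (added example)."""
import email
import email.utils
import re
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlparse

# Hosts a genuine Facebook notification links to or is sent from.
TRUSTED_DOMAINS = ("facebook.com", "facebookmail.com")


class _HtmlScanner(HTMLParser):
    """Collects (href, visible anchor text) pairs and all visible text of an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []       # (href, anchor text) in document order
        self.text = []        # every visible text fragment
        self._href = None
        self._anchor = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._anchor = []

    def handle_data(self, data):
        self.text.append(data)
        if self._href is not None:
            self._anchor.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._anchor).strip()))
            self._href = None


def is_trusted_host(host):
    """True for facebook.com / facebookmail.com and their subdomains only."""
    host = host.lower()
    return any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS)


def analyze(raw_message):
    """Return a list of warnings; an empty list means none of the clues fired."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    warnings = []

    sender = email.utils.parseaddr(msg.get("From", ""))[1].lower()
    reply_to = email.utils.parseaddr(msg.get("Reply-To", ""))[1].lower()
    if not sender or not is_trusted_host(sender.rsplit("@", 1)[-1]):
        warnings.append(f"sender domain is not Facebook: {sender!r}")
    # Clue 2 from the post: the real mail uses a distinct noreply Reply-To.
    if reply_to and reply_to == sender:
        warnings.append("Reply-To is identical to From")

    # A forged From: passes the eye but usually fails SPF/DKIM at the receiving server.
    auth = msg.get("Authentication-Results", "").lower()
    for mech in ("spf", "dkim", "dmarc"):
        if f"{mech}=fail" in auth:
            warnings.append(f"{mech.upper()} failed per Authentication-Results")

    body = msg.get_body(preferencelist=("html", "plain"))
    if body is None:
        return warnings
    scanner = _HtmlScanner()
    scanner.feed(body.get_content())
    text = " ".join(" ".join(scanner.text).split())

    # Clue 3: a real notification greets you by name; a bare "Hi," is a mass template.
    if re.match(r"^(hi|hello|dear)\s*[,!.]", text, re.IGNORECASE):
        warnings.append("greeting is not personalised")

    # Clue 5: every link must resolve to facebook.com, whatever its anchor text says.
    for href, anchor in scanner.links:
        host = urlparse(href).hostname or ""
        if not is_trusted_host(host):
            note = " but its text claims facebook.com" if "facebook.com" in anchor.lower() else ""
            warnings.append(f"link points to {host!r}{note}")
    return warnings


# Constructed sample messages (hypothetical addresses and path, not real captures).
PHISHING_SAMPLE = """\
From: Facebook <notification@facebookmail.com>
Reply-To: Facebook <notification@facebookmail.com>
To: damien@example.com
Subject: You have notifications pending
Authentication-Results: mx.example.com; spf=fail smtp.mailfrom=facebookmail.com
Content-Type: text/html; charset="utf-8"

<html><body><p>Hi,</p>
<p>You haven't been back to Facebook recently. You have 3 friend requests pending.</p>
<p><a href="http://buildyourvision.com/login">http://www.facebook.com/</a></p></body></html>
"""

LEGIT_SAMPLE = """\
From: Facebook <notification@facebookmail.com>
Reply-To: noreply@facebookmail.com
To: damien@example.com
Subject: Alice sent you a friend request
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=facebookmail.com; dkim=pass
Content-Type: text/html; charset="utf-8"

<html><body><p>Hi Damien,</p><p>Alice sent you a friend request.</p>
<p><a href="https://www.facebook.com/">Confirm friend request</a></p></body></html>
"""

if __name__ == "__main__":
    for label, sample in (("phishing", PHISHING_SAMPLE), ("legit", LEGIT_SAMPLE)):
        print(label, analyze(sample) or "no warnings")
```

Save a suspicious mail as raw source ("Show original" in Gmail) and feed its contents to analyze(). The greeting check only looks at the very start of the body text, so it is a heuristic, not proof; the link check, by contrast, does exactly what hovering over the link does, and catches the common trick of anchor text that reads "facebook.com" while the href goes elsewhere.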

Conclusion

It is a good thing that Gmail comes with a powerful spam filter that can weed the bad out from the good. However, when a phishing mail does get through your spam filter, you will have to exercise vigilance and protect yourself from being scammed by these emails. If you are not sure, do not click any link. Open a new tab and load facebook.com manually.

Here are some useful resources:

17 comments

  1. Hey!
    Thanks for warning about this!!!

    (PS: I suggest you deface your "G-email" (last snap) like the other 2 pictures ;)

    Cheers!!!
    Benny ^_^

  2. Hey Damian,

    I just received a message that seems like phishing to me and I'd like your opinion. The message is written in Portuguese, as this is my mother language. The message was sent to my Yahoo mail account. The things that made me think it was a weird message were:

    Fact 1: My name was wrong. I'm not Marisa. Seems someone was trying to guess, as my email address is malastname@yahoo.com.br
    Fact 2: The message itself. It says that I recently added a new email contact, and that I should confirm my email contact using the link.
    Fact 3: I'm not using Facebook at all; it has probably been at least a month since I last connected there.
    Fact 4: The email I subscribed there with is not this one. All the notifications I ever received go to another email account, from Hotmail, by the way.
    Fact 5: The appearance is different from yours. I don't know if this appearance is also used, as I'm not active on Facebook anymore, so I don't remember. lol
    Fact 6: The sender address. I didn't know (or didn't remember) that Facebook's address was facebookmail. That's how I ended up here. lol

    They really try to convince. There were no writing mistakes; they also suggest copying and pasting the link URL into your browser in case it doesn't work. They mention a help link (the second one) and suggest ignoring it in case you didn't add that address as your email contact. I checked whether there was a different URL behind those links and it was exactly the same as shown.

    What do you think, guys?

  3. My scam has the correct names and accounts of people I know, supposedly inviting me to Accept Invitation.
    How could they get this information?

  4. I just received one of these, asking me to complete registration – or, at least, that's what Gmail's translation tells me: the mail was in Russian. I do not speak it.
    I was also greeted with a completely wrong given name, but my biggest clue was that I've never so much as wanted to register a Facebook account and I never will, so WTF?
    If this is supposed to be an FB users' problem, then I wonder where the bleeping bleep they leeched my address from…

    • There are tons of ways to get your email address, not necessarily from Facebook. The Facebook phishing mail is just a means for them to get hold of your confidential information. No matter what, just be vigilant and careful about what you click and the information you submit.

  5. I thought that this might be some type of scam as well when I saw the sender e-mail address, but these messages have been accurate with friend invitations, wall posts, etc.  I don’t think that it’s some kind of phishing, but I was pretty spooked out when I first saw these e-mails sitting in my inbox.

  6. Yeah, I am a victim of the same spam or whatever it is. I logged in with my username and password, and now they have changed it and I am unable to log in to Facebook again. People, help me, what do I do now?

  7. I want to forward the phishing email scam to Facebook so they can go after the offenders. What email do I use?

  8. I keep getting so-called friend requests to add them as friends; however,
    I don't do Facebook. The person on this phantom account does not have the same name as mine. I don't know who David Walkden is or how they got hold of my e-mail addy, but it is pissing me off.
