Spam scams for Facebook users

Posted by Jeff Bailey, Executive Producer on October 29th, 2009 at 07:40:05 am , 3361 views

If there's any benefit to getting a lot of spam e-mail, it's that I get to also see some of the phishing attempts to get people to give up their personal information. One that has really hit my inbox over the past couple of days involves Facebook.

Fake Facebook login page.
Fake Facebook login page.

I've received several copies of e-mails that claim "Facebook will be implementing a new login system that will affect all Facebook users... Before you are able to use the new login system, you will be required to update your account."

The e-mail gives you a convenient link that seems to link to Facebook. But in the ten e-mails I've got, a closer look reveals the link actually wants to send me to a page with a .uk or .eu domain, not facebook.com.

Here's a big clue in determining whether e-mails like this are legit. Had this been an actual message from Facebook, it would have had my name on it, not simply "Dear Facebook user". They know my first name and who I am. Spammers don't.

Besides, logging in to change your login doesn't make a whole lot of sense, does it.

My other hot spams recently include:

1) Fake Microsoft e-mails that claim to allow me to download "critical" updates to Outlook. Too bad for the spammers I don't use Outlook. Ignore the e-mails and check Windows Update to find any real and necessary updates to your PC.

2) "Notice of Underreported Income" claims to come from the IRS. The links that indicate they will allow me to "review tax statement for taxpayer id: jeff-00000867938104US" goes to some other web site, not IRS.gov. As the agency says on its site, "The IRS does not initiate taxpayer communications through e-mail."

3) An "FDIC alert" claims that I need to check your bank deposit insurance coverage. Once again, the e-mail doesn't use my real name, and the link provided that says it's for the FDIC web site really goes to European domains. If you get one send it right to the recycle bin. The FDIC has posted a warning about this spam.

Filed under From the Web Staff.
Tags: facebook, irs, spam, windows outlook

11 comments

Comment from: janet [Visitor]
bummer. I think I fell for this ...
10/29/09 @ 07:48
Comment from: Lou Lange [Visitor]
Good observation, Jeff. Most legitimate sites will use your name in whatever form you have used it when you registered. Checking the actual web link is also (in 95% of the cases) a dead giveaway about spammers.
10/29/09 @ 07:55
Comment from: Hosed By The System [Visitor]
Thanks to over-rated technology.....we are ALL scammed...............

Its SO easy for this to happen.......
10/29/09 @ 08:01
Comment from: Dawn [Visitor]
Microsoft never sends emails about updates. The IRS wouldn't have your email address, that was the red flag for me. Then again, I use an online tax prep service and THAT company has my email address. It could be easy enough to fool me into thinking the IRS would have my email address too so I could see how some people can fall for it.

Hovering over the links is a great idea, but sometimes even that can fool you. You might see something like www.irs.gov.63.564/ It's especially suspicious when there are numbers in the address. To me the 63.564 would be a dead giveaway but to some innocent people it looks perfectly legit.

I got out of the habit of clicking on links in email and go to websites manually through my browser instead.
10/29/09 @ 08:29
Comment from: Johnny Lifeson [Visitor]
Spam Phishing E-Mail is umusing. Being a GNU/Linux user exclusively, I would have no use for anything from Big Brother Microscrap .

There is one simple rule. NEVER log into a site using your User Name and Password VIA an E-Mail. Simple.

Always mouse over a link within an E-Mail and check the URL. Mainly , the entire mail will be a GIF or JPG file to make the link look legit.
10/29/09 @ 10:41
Comment from: Alice [Visitor] · http://www.affordableaccuracy.com
Better yet! Never respond to any e-mail when you don't PERSONALLY know the sender!
10/29/09 @ 11:46
Comment from: StN/enoGlennaMacDonald osotm [Visitor]
I am not signed up to facebook.
I get enough spam.
They are tricky.
They don`t mention certian things and mention certian things to lure you.
If you look with suspision,you wont get tricked.
If you look for a bargin or free ride,you are vunerable and easily tricked.
~Peace Glenna~
10/29/09 @ 13:00
Comment from: Mom in Southern CT [Visitor]
These go in my junk mail, which I get a daily report from at work - this also shows that it could be virus-infected - sweet. This was just like when the government supposedly said I had unreported income. Do you honestly think if I had unreported income that the IRS wouldn't have sent me a notice along with a demand for 3 times the payment owed?
11/01/09 @ 16:38
Comment from: ugg boots [Visitor] · http://uggbootshop.net
the entry is good!
01/21/10 @ 02:43
Comment from: how to download from redtube [Visitor] · http://www.youtube.com/watch?v=z_og6fACN-g
Interesting post i totally agree with the comments above. Keep writing
03/23/10 @ 19:43
Comment from: cheap boiled wool slippers [Visitor] · http://www.itsmyridetv.com/kokoriky
I didnt post here often but your story is awesome
08/25/10 @ 17:00
Opinions that are derogatory, attack other users or are offensive in nature may be removed as defined by the Terms of Service. WTNH is not responsible for the content posted in the comment section. We reserve the right to remove any offensive or off-topic remark or thread.

The short version -- be nice and be respectful of other's opinions, even if they don't agree with yours, or your comment may be deleted.

Leave a comment


Your email address will not be revealed on this site.

Your URL will be displayed.
(Line breaks become <br />)
(Name, email & website)
(Allow users to contact you through a message form (your email will not be revealed.)
« Spare me the detailsUnexpected cash -- CT Big List »