Thursday, 11th March 2010
Subscribe RSS Feed

Facebook Phishing Alert – Identity Theft Email Scam

Posted on 08. Nov, 2009 by M.L. Zupan in Email Alerts, Feature

Facebook Phishing Alert – Identity Theft Email Scam

Identity theft update – Facebook users

It looks like an email from Facebook to you – but is it really? Recently, I received this email from what looked like – Facebook. As you can see in the graphic below – the email looks official, it offers what seems to be viable information and it targets a persons concerns for security.

Phishing Facebook - Protecting Your Identity

Phishing Facebook - Protecting Your Identity

All a person has to do is click on the update button or the “here” link (where the little hand is pointing) and it is suppose to take you to the Facebook login page so you can verify and update your login information to make sure it is secure.

DO NOT CLICK THAT BUTTON!

“Phishing” Emails

This email has all the tell-tale signs of a “phishing email” designed to steal your login information and possibly your identity. But before I go into what makes this email a phishing email – I will explain “what is phishing”.

  • Phishing is when a scammer creates a login, or an email that tries to replicate a popular web site. You may have seen similar email scams coming from Paypal, MySpace, UPS, Western Union, EBay, etc… .
  • They try to use the same colors, the same style, even the same font in the email. It gives the quick impression that it is official and hopefully it lulls the recipient into a false sense of security right away.
  • The email tries to address the user of the account (not always successfully) – to make it personal and friendly – as if they know you – again, adding to that false sense of security.
  • There is usually some sort of security problem or update, or server update or a warning of even a possible phishing scam where you need to take immediate action to verify your user information right now. This creates a sense of anxiety in the hopes of overriding your sense of caution – thus creating an impulse click effect.
  • They offer a big click here button or update now button to make it simple for you to just login real quick and enter your personal data.
  • Once on the login page – it is also designed to look like the web site they are trying to chameleon.

How can you tell if it is a phoney “phishing email scam”?

First of all, you should always be suspicious of emails requesting you to login and update your accounts coming from any social site like Facebook, Twitter, MySpace, YouTube, etc… The same goes true for (and especially) banks, Ebay, Paypal and many others. NEVER take the email at face value.

Second, if you look closely at the photo above you will see that it did not get the owner of the account correct. Facebook does know who you are and they wouldn’t send out a generic email to some “random user” asking them to update their security settings. If for some reason Facebook needed you to update your login information they would tell you to open a clean browser and then type in http://facebook.com and then go to their security update page.

Now here is the third and biggest clue. When you open your email program, if you roll over the embedded email link without clicking on it, it will show you the actual web address near the bottom of the program. I use Thunderbird and it always gives me a visual of where the link wants to send me. If it doesn’t match Facebook.com – it is a phoney address.

It is easy to check these things before you make a big mistake and lose your login information to some scammers email. Most emails only take a couple of extra seconds to check and the time it takes is well worth the headache and problems of having your identity stolen.

The last thing to remember is that many times, these email scammers will find legitimate information and then try to make chameleon web sites using real information likeĀ  the “Dram Litigation Scam” based on the real Dram Litigation lawsuit filed in 2006. The email links that were embedded in the email did not take you to the Dram Litigation web site.

If you would like to read more about different email scams check out the following articles.

Money Transfer Control Number Scam Alert – by M.L. Zupan
Scam Emails – by M.L. Zupan
Greeting Card Email Alert by M.L. Zupan

If you have information about some email scam that you have dealt with in the past and would like to share it with us – we would like to hear from you. Leave your comments and share them with others.

*** Remember, that at CIDANews.com we do monitor comments and only allow comments related to the topic of the articles. Thank you for your understanding. ***

Don’t forget to subscribe to CIDANews.com to get your news delivered directly to your RSS reader or subscribe to CIDANews Email to stay up-to-date.