Avoiding Phishing Scams That Look Like Facebook Notifications

By Craig Szymanski

Social network users need to pay close attention to links that arrive via a social networking website. Several phishing scams in circulation try to trick you into clicking a misleading link in a message. Sometimes the link just shows you something they are trying to sell; other times it tries to infect your machine with a malicious program such as a virus or trojan. By default, Facebook notifications go to the email account that you signed up with. For me this is not a big deal. I just used an inbox that I use for nothing but junk, and I rarely visit it, but there are many people who check an email account daily, if not more often, and have “notifications” in the inbox that get clicked on regularly. Below is an example of a fake Facebook notification email. It looks genuine. I should know. My wife clicked on it before I could tell her that it wasn’t real 🙂

This email looks like it is from Facebook. The return address has facebookmail.com in it, just like all the other messages you receive from this website. So what do you do? The first thing to do is hover your mouse over a few of the links (do NOT click on them) and see if they actually read the same in the hover as they read…

You can see from these examples that clicking on these links sends you to a site that is anything but Facebook. The links go to the domain campus.2kool4u.net. If you click on it, the site redirects to a site selling Viagra. If you look at https://whois.domaintools.com/2kool4u.net, you see that the 2kool4u.net domain hosts quite a few different sites. This looks a tad “phishy”. Try googling the keywords "2kool4u.net scam" and all you seem to find is junk and more junk.

Summary/Options:

  1. Do not click on links in an email unless you are sure that it is a good link.
  2. Turn off your notifications or just trash them and manually go to the social networking site and look at your updates.
  3. Turn off HTML email in your mail program if you can. There should be an option to view mail as “plain text”. This is inconvenient, but it removes the fake links from the message.

Note: Edited on 4/9/11 to change #1 and #2 in the summary. Simply do not click on links in an email. Explanation on this newer blog post.

Filed under: Computer Security, For-Facebook, Internet, Phishing, Social Networking
