Posts Tagged ‘phishing’

New Facebook Phishing Campaigns Run Amok

November 6, 2009 Leave a comment

During the past week, I have received 5 different emails from “Facebook” encouraging me to click on links to change my account setting, change my password, reinstall my account, etc. Fortunately, the emails seemed too convenient and smelled very much like a phishing attempt.

Dear Facebook user,

In an effort to make your online experience safer and more enjoyable, Facebook will be implementing a new login system that will affect all Facebook users. These changes will offer new features and increased account security.

Before you are able to use the new login system, you will be required to update your account.

Please click on the link below to update your account online now:

If you have any questions, reference our New User Guide.


The Facebook Team

One of the things that makes this attempt so diabolical is that they are well written and seemingly believable.

According to an article on, one of the current attempts includes am email attachment which is a password-stealing Trojan horse virus which, if login information is provided, will log into the user’s Facebook account and post things on the Wall of 25 of their friends.

Facebook Phishing email sample

This email claiming to be from Facebook is actually a well crafted phishing attempt designed to steal user login information

Bottom line: Beware of any email claiming to be from Facebook with an executable¬† link in it. Facebook will never send you a new password as an email attachment. To learn more, you can visit Facebook’s Security Center.