Can you spot a Facebook phishing attempt?
by Ed Bott | August 28, 2011 1:48pm PDT | Image 1 of 4
Previous | Next
Real or fake?
This is a reasonably convincing fake, but a fake it is.
The word photo should be plural. That's the only typo in this message, which otherwise looks very similar to a real Facebook notification.
Just In
RE: Can you spot a Facebook phishing attempt?
@kdouga - That would be they're both fake! 
I solve this problem by signing in to Facebook directly rather than clicking on any link. Once I'm in my Facebook account I can look for the item referenced in the email.
@patriciaspider
I use email notifications as just that.... notifications. I immediately delete them and go the FB site. I'm not a fan of clicking links in emails, no matter who they appear to be from.
I use email notifications as just that.... notifications. I immediately delete them and go the FB site. I'm not a fan of clicking links in emails, no matter who they appear to be from.
OK, maybe that was a fake email, but facebook is riddled with grammatical errors, including but not limited to misuse of plurals and the use of "their" to mean "his or her."
Far safer is to look at the link - carefully - and see where it really goes.
or go direct to Facebook yourself.
Far safer is to look at the link - carefully - and see where it really goes.
or go direct to Facebook yourself.
Like patriciaspider, I, too, do not click on any links in emails appearing to be from Facebook. If I receive an email such as this, I delete the email, log on to Facebook in my browser and look to see if there are legitimate requests pending. I also look for spelling errors within the email. I do this for many other emails which I receive from other companies / organizations.
If misspelling is a possible clue to a false Facebook message, how should we treat the last sentence in the correct answer to your little quiz?
"Without caerful [sic] inspection, it's very difficult to tell that this one isn't legit."
"Without caerful [sic] inspection, it's very difficult to tell that this one isn't legit."
@brambeus Obviously no one should click any links on this page!
After reading your article, especially giving the last example "caerful" inspection, I think their both fake! ( ;
I got them all right, Ed! Go IT Princess of Power! (that's me) BTW - love your blog. Keep it up.
That is all very well to identify these fakes, why not now put effort into trapping the phish... surely the URLs leads to somewhere, eg we monitor access to the outward bound traffic from these sites...beat them at their own game.
Don't look at the URL first... with most phishing scams (Facebook, eBay and the like) they DON'T include your REAL NAME in the email.
99% of the time, if an email has no intro, has "Dear Facebook User" or something similar that DOESN'T use your actual name, you should delete it straight away.
In Ed's case, you can clearly see the two REAL emails have "Dear Ed" in the body. The fakes have no real name on them.
99% of the time, if an email has no intro, has "Dear Facebook User" or something similar that DOESN'T use your actual name, you should delete it straight away.
In Ed's case, you can clearly see the two REAL emails have "Dear Ed" in the body. The fakes have no real name on them.
Guys, to lend credibility to your post, It would be great if YOU would check your own spelling prior to release: "Without [caerful] inspection, it's very difficult to tell that this one isn't legit."
one EASY way to spot fakes is to "expose" the URL for any link. One easy way is to hover over a link or button and see what shows up in the status bar or hover "bubble".
99.9% if the time the fake URL's are not disguised. The ones that are, are still easy to distinguish as you ALSO should look for the root website name at the start of the link, after any subdomains.
SO in this case, if facebook.com shows up at the VERY start of the URL, even if it includes a subdomain but has facebook.com, and nothing after that as part of the domain, you know it is real.
Takes a little training but is very easy to become accurate.
99.9% if the time the fake URL's are not disguised. The ones that are, are still easy to distinguish as you ALSO should look for the root website name at the start of the link, after any subdomains.
SO in this case, if facebook.com shows up at the VERY start of the URL, even if it includes a subdomain but has facebook.com, and nothing after that as part of the domain, you know it is real.
Takes a little training but is very easy to become accurate.
Join the conversation!
The best of ZDNet, delivered
ZDNet Newsletters
Get the best of ZDNet delivered straight to your inbox
Vendor Showcase
