Can you spot a Facebook phishing attempt?


Summary: E-mail notifications are an important part of social networking services like Facebook. If you have to continually visit a web site to see what's new, you lose much of the excitement that comes with comments on your photos or other shared items. You might miss invitations to events or opportunities to connect with a long-lost friend who's in town for a day or two.

But e-mail notifications are also a potential security risk. If a potential attacker can create a realistic-looking imitation of a Facebook notification, you might find yourself clicking on a link that can lead to malware or attempt to steal your login credentials.

Spotting a fake isn't as easy as it seems. I've assembled four Facebook notifications that arrived in my e-mail inbox recently. Which are real, and which are fake? Answers are in the caption beneath each screen shot.


 |  Image 2 of 4

  • Thumbnail 1
  • Thumbnail 2
  • Thumbnail 3
  • Thumbnail 4
  • This is a reasonably convincing fake, but a fake it is.

    The word photo should be plural. That's the only typo in this message, which otherwise looks very similar to a real Facebook notification.

  • This one's real.

    If you thought it was fake, that's understandable. The link, filled with random strings of numbers and letters, doesn't exactly lend itself to easy parsing. In fact, many phishing attackers use long, complicated links like this one to disguise their true domain.

  • This one's real.

    Oddly, in this example, Facebook uses buttons to provide navigation to comments on items you've posted. In the previous example, you'll recall they used a long, complex URL.

    How do you know whether that button goes to a safe place? Without inspecting it more closely, there's no way to tell.

Topics: Collaboration, Security, Social Enterprise


Comments
  • RE: Can you spot a Facebook phishing attempt?

    I solve this problem by signing in to Facebook directly rather than clicking on any link. Once I'm in my Facebook account I can look for the item referenced in the email.
    • Agreed

      I use email notifications as just that.... notifications. I immediately delete them and go to the FB site. I'm not a fan of clicking links in emails, no matter who they appear to be from.
  • Grammar on Facebook

    OK, maybe that was a fake email, but Facebook is riddled with grammatical errors, including but not limited to misuse of plurals and the use of "their" to mean "his or her."

    Far safer is to look at the link - carefully - and see where it really goes.

    Or go directly to Facebook yourself.
  • RE: Can you spot a Facebook phishing attempt?

    Like patriciaspider, I, too, do not click on any links in emails appearing to be from Facebook. If I receive an email such as this, I delete the email, log on to Facebook in my browser and look to see if there are legitimate requests pending. I also look for spelling errors within the email. I do this for many other emails which I receive from other companies / organizations.
    Jerry Guinn
  • Can you spot a Facebook phishing attempt?

    If misspelling is a possible clue to a false Facebook message, how should we treat the last sentence in the correct answer to your little quiz?

    "Without caerful [sic] inspection, it's very difficult to tell that this one isn't legit."
    • RE: Can you spot a Facebook phishing attempt?

      @brambeus Obviously no one should click any links on this page!
      The One True Fnerd
  • RE: Can you spot a Facebook phishing attempt?

    After reading your article, especially giving the last example "caerful" inspection, I think their both fake! ( ;
    • RE: Can you spot a Facebook phishing attempt?

      @kdouga - That would be they're both fake! :)
  • RE: Can you spot a Facebook phishing attempt?

    I got them all right, Ed! Go IT Princess of Power! (that's me) BTW - love your blog. Keep it up.
  • RE: Can you spot a Facebook phishing attempt?

    "they're" not "their"
  • RE: Can you spot a Facebook phishing attempt?

    That is all very well to identify these fakes, but why not now put effort into trapping the phish... surely the URLs lead somewhere, e.g. we monitor access to the outbound traffic from these sites... beat them at their own game.
  • Indicator No.1...

    Don't look at the URL first... with most phishing scams (Facebook, eBay and the like) they DON'T include your REAL NAME in the email.

    99% of the time, if an email has no intro, has "Dear Facebook User" or something similar that DOESN'T use your actual name, you should delete it straight away.

    In Ed's case, you can clearly see the two REAL emails have "Dear Ed" in the body. The fakes have no real name on them.
  • spot your mistake...

    Guys, to lend credibility to your post, it would be great if YOU would check your own spelling prior to release: "Without [caerful] inspection, it's very difficult to tell that this one isn't legit."
  • RE: Can you spot a Facebook phishing attempt?

    One EASY way to spot fakes is to "expose" the URL for any link. One easy way is to hover over a link or button and see what shows up in the status bar or hover "bubble".

    99.9% of the time the fake URLs are not disguised. The ones that are, are still easy to distinguish as you ALSO should look for the root website name at the start of the link, after any subdomains.

    So in this case, if shows up at the VERY start of the URL, even if it includes a subdomain but has, and nothing after that as part of the domain, you know it is real.

    Takes a little training but is very easy to become accurate.
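The article notes that a button or a long, random-looking URL tells you nothing until you inspect where it actually points, and the comment above describes the manual check: expose the link, then look at the real domain rather than at whatever name appears somewhere in the URL. The script below is an added example of that check in Python; it is not code from the article or from any commenter. It assumes `facebook.com` as the domain a genuine notification should land on, and the sample URLs are constructed for illustration (none of them is taken from the screenshots). It treats a link as genuine only when the host the browser would connect to is that domain or a subdomain of it, and flags the classic disguises a hover preview can reveal: the expected name used as a leading subdomain of another domain, as userinfo before an `@`, or as a look-alike such as `notfacebook.com`.

```python
from urllib.parse import urlsplit

# Assumption: the domain a genuine notification link should resolve to.
EXPECTED_DOMAIN = "facebook.com"


def connecting_host(url: str) -> str:
    """Return the hostname the browser would actually connect to.

    urlsplit().hostname already discards a leading scheme, any userinfo
    ("facebook.com@203.0.113.5" -> "203.0.113.5") and a trailing port.
    A string with no scheme (e.g. "www.facebook.com/x") yields no netloc
    and therefore no hostname; that is reported as an empty host.
    """
    host = urlsplit(url.strip()).hostname or ""
    return host.lower().rstrip(".")


def belongs_to(host: str, domain: str) -> bool:
    """True only when host is domain itself or a subdomain of it.

    The leading dot enforces a label boundary, so "notfacebook.com" and
    "facebook.com.example.net" both fail while "www.facebook.com" passes.
    """
    return host == domain or host.endswith("." + domain)


def classify_link(url: str, domain: str = EXPECTED_DOMAIN) -> dict:
    """Classify a link the way the hover-and-read-the-domain check does."""
    host = connecting_host(url)
    genuine = belongs_to(host, domain)
    # A look-alike is a link that shows the expected name somewhere (a
    # leading subdomain, userinfo, the path, or glued to another word)
    # while the host that would really be contacted is something else.
    lookalike = (not genuine) and (domain in url.lower())
    return {"host": host, "genuine": genuine, "lookalike": lookalike}


# Constructed sample links (not from the article's screenshots).
SAMPLES = [
    # Long and random-looking, but the host is a facebook.com subdomain.
    "https://www.facebook.com/n/?photo.php&fbid=1234567890&mid=abc123def456&n_m=ed%40example.com",
    # Expected name used as a leading subdomain of a different domain.
    "http://facebook.com.login-verify.example/photos",
    # Expected name placed in the userinfo part; the real host is an IP.
    "http://facebook.com@203.0.113.5/login",
    # Expected name embedded in a longer label; not a subdomain at all.
    "http://notfacebook.com/",
    # Unrelated host with no attempt at disguise.
    "https://example.org/x",
]


def classify_samples() -> list:
    """Run the check over the constructed samples; returns (url, result) pairs."""
    return [(url, classify_link(url)) for url in SAMPLES]


if __name__ == "__main__":
    for url, result in classify_samples():
        verdict = "genuine" if result["genuine"] else ("LOOK-ALIKE" if result["lookalike"] else "other")
        print(f"{verdict:10s} host={result['host']!r}  {url}")
```

The decision rests on the parsed hostname, not on a substring search, which is what makes the long legitimate URL pass and the three disguised ones fail. Browsers apply the same host extraction when they render the hover preview, so what this function reports is what a careful reader sees in the status bar.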