Sophos Cloud Optix
Facebook claims to have more than 750 million active users, and many of them would have steam coming out of their ears if they thought they had lost a message from one of their Facebook friends.
And that’s exactly what spammers are banking on in their latest campaign, where they have sent out messages pretending to come from Facebook:
Facebook sent you a notification
You have 1 lost message on Facebook, to recover a message follow the link below: [LINK]
FAQ: Can you recieve messages if your inbox is full?
The spammers might also like to check their dictionary next time they compose an email. They’ve spelt “receive” incorrectly – as my mum always told me, it’s “i before e, except after c”.
Of course, in your hurry to read a missing message you may not have noticed the spelling mistake and may have blindly clicked on the link.
Can you guess what you’ll find at the other end?
Well, I must admit I was fully expecting to come across a phishing site – designed to steal my Facebook username and password by providing me with a bogus login screen. But instead, when I tried the link, I was redirected to a Canadian pharmacy website trying to pimp drugs to me instead.
Of course, the people behind this spam campaign could change where they point you at any time, or vary the destination depending on what type of browser or operating system you are running, or where you are based in the world.
Always remember to be on your guard when receiving unsolicited emails. It’s child’s play to forge a “from:” address or to create an HTML email which looks at first glance to be the genuine article. A nice font and corporate colours do not a legitimate email make.
Hat tip: Thanks to Naked Security reader Remy for sending us a tip about this spam campaign.
not that I'm in cahoots with the spammers, but if you are going to critique someone else on their spelling…. perhaps you should check your own. "But instead, when I tried the link, I was redirected to a Canadian pharamacy website trying to pimp drugs to me instead." its pharmacy.. especially if your image right below your post spells it correctly.
Touche! (wish i could find my extended character to do the accent)
I will correct my sloppy spelling immediately.
Psst. . . there’s a big difference between fatfingering and poor spelling/grammar. For instance, the “its” in your comment should be “it’s.” Also check your capitalization throughout. . .
Anyone who needs to churn out content before it goes stale is bound to make a couple typos from time to time, but the Naked Security guys are on the whole quite good.
wow; punktuation and ghrammer natsies. geese, do u guys haf anythink better to due then correkt poepeles mistacks? have fun with this won. 🙂
actually, your mum was wrong! There are more exceptions to the "i before e except after c" 'rule' than there are words which adhere. So much so, in fact, that this maxim is no longer taught in British schools.
Are you moron? The exception is implicit in the rule… that's why it says "except". "receive" is not an exception, it's an example with the exception.
To make it clear to you (thing that you elementary school teacher school should have done), It's always 'i' before 'e', THE EXCEPTION is when before the last letter was 'c'.
By the way English is not my first language… I'm just learning.
If you are just learning English (or the American version of it), then you may not have come across words like weird or science.
I suggest YOU go back and have a word with whomever is teaching you to be critical of others without the depth of knowledge to make informed comment.
That's a super lame technique.
I believe you received that text because you inquired about Viagra………
i does not come before e, although both come after c.
Not so lame- I almost fell for this after finding this in my email tonight, even though I follow Naked Security on Facebook. I'm not sure if this wasn't shared on the Facebook page or if Facebook, in its infinite algorithm wisdom, decided I didn't need to see that post.. =P
Good thing that by long habit I check where a link is going when I mouse over it, and I saw something about "terror" something or other, and I knew that had to be wrong!
I actually moused over the "Frequently Asked Questions" panel, because something didn't sound right about the whole idea of lost messages and "full" mailboxes. It otherwise looked perfectly legit. I then moused over the other links and when I saw they all went to that bogus looking address, it confirmed itself as a scam.
(I used to catch the slightest spelling errors in a heartbeat, I guess I'm getting sloppy these days, so many times I start seeing what I expect to see now, and never saw that spelling error. Not sure if that comes from being married to one of the world's worst spellers 🙂 or just tired eyes.)