I got this lovely piece of Spam today from “Facebook” about my account deactivation… Now I must admit that I am not very fond of “the book” these days but I haven’t jumped on the “Delete My Account” bandwagon yet either. So I poked around this one a little more for some obvious signs of “phishing“. And sure enough, it was pretty rampant despite the proper spelling near perfect grammar.
First off the email came from: Facebook <firstname.lastname@example.org>. Now most folks wouldn’t know it but there is now facebookmail.com web site. Beside this address is obviously spoofed as we can see in the long header or source of your email:
The lines with marked with the red giveaway should point you in the right direction of the dubious nature of this email. But it get even better. As you can see in the image above, hovering over the sign in button gives you the URL for a site in South Africa; ZA does not stand for Zuckerburg…
Next the link for Facebook.com actually points to another site as well. I must admit that they were very clever in making the link look as real as possible complete with all the official looking http:// stuff and all. Now I apologise for breaking this down like you were a four year old, but I’m going to post this on Facebook too so here we go:
So this is were it gets even better, or worse if you really don’t know what the hell you’re doing. So you think to yourself: I don’t want to get this kind of email again and hopefully you click the spam/junk button in your email client and never think about it. Or you don’t decide to unsubscribe. Bad move and you lose again, by now you have already sent these guys your bank details so they can get some inheritance money out of Nigeria and cut you in for 10% or even worse yet you click on one of these emails from your bank and spent 20 minutes trying to input your bank account number, social insurance number, date of birth, etc and there is now someone going by your very name, driving a very nice Jag in Macedonia and vacationing in the house you paid for in Tuscany.