Industry guru Dave Taylor offers free tech support on a wide variety of technical and business topics, including HTML, Apple iPhone, online advertising, Cascading Style Sheets, Web design, management, Unix, Linux, search engine optimization, online dating, Mac OS X, shell script programming and Microsoft Windows.

Can I get Facebook phishing or virus email?

I got a really weird email from a friend on Facebook: it was just a Web site URL and when I went to it, I got a warning message that it was an "unsafe" and that it'd been blocked. What the heck? What's going on?

Dave's Answer:

As I've written about before (see Facebook Notification Center phishing email) it's quite possible for people to send you phishing email messages purporting to be from Facebook. In the last few months, people have also figured out how to send viruses and other unsavory messages from within Facebook itself.

This is both disappointing and unsurprising, because as soon as something becomes popular people start trying to game it and use it for their own commercial purposes, independent of its evolving best practices. Spammers on Twitter are a great example of this too.

Back to Facebook, though.

I recently received a spam message from within Facebook, from a friend who I know for sure didn't explicitly send it. It even used the slick technique of pointing to a "tinyurl.com" shortener to make it even more difficult to figure out where you'd go.

It looked like this:

A little bit of digging on the Linux command line shows the progression of the TinyURL pointing to a slightly expanded http://tinyurl.com/nospam.php?id=o3chpj which then leads to a note that:

URL Terminated:
The TinyURL (o3chpj) you visited was used by its creator in violation of our terms of use. TinyURL has a strict no abuse policy and we apologize for the
intrusion this user has caused you.

Best strategy? To just delete the message without clicking on the link or trying to figure out where it's pointing. You can do this by clicking on "Delete" above:

Confirm with another "Delete" and you can go on your merry way.

As a general rule, whether it's Facebook, LinkedIn, Twitter or anything else, if you get a message that seems suspicious then delete it. If you're not sure, then email the sender and ask about it. And, as always, be careful out there!

Help others find this article at Del.icio.us, Digg, Netscape, Reddit, and Stumble Upon

Categorized: MySpace, Facebook, Twitter and Social Network Help (Article 8905)
Tagged: facebook, linkedin, myspace, phishing, viruses
Previous: Prince of Persia Walkthrough VI: Defeating Ahriman
Next: How do I erase and reformat an Apple Time Capsule?

Subscribe!

Never miss another useful Q&A article again! Subscribe to AskDaveTaylor with Google Reader.

Comments

i clicked on a similar link, or maybe it was the same. its a very short link and my friend had it on his myspace status saying "my new home video" it opened up some windows, and then it said it on my status. i got to get into myspace and change my pw twice, but sometimes it still closes. but i havent been able to go on facebook since. i had the same email address and pw on facebook, but i cant even log in without the window closing almost as soon as i type in facebook.com in the window. how can i fix this? i need to warn my friends not to click on that link. ive ran a virus scan and it said it got rid of a trojan virus. and now when i run the scan it says its clean but i still cant go into facebook...not just the log in page but anything that has to do with facebook/ closes...ive tried deleting cookies, history and all that, can you help me???

Posted by: amy kim at June 10, 2009 11:00 AM

I have a lot to say, but ...

I have a lot to say, and questions of my own for that matter, but most of all I'd like to say thank you for all your efforts on this Web site by buying you a chai!

I do have a comment, now that you mention it!