Industry guru Dave Taylor offers free tech support on a wide variety of technical and business topics, including HTML, Apple iPhone, online advertising, Cascading Style Sheets, Web design, management, Unix, Linux, search engine optimization, online dating, Mac OS X, shell script programming and Microsoft Windows.

Can I get Facebook phishing or virus email?

I got a really weird email from a friend on Facebook: it was just a Web site URL and when I went to it, I got a warning message that it was an "unsafe" and that it'd been blocked. What the heck? What's going on?


Dave's Answer:

As I've written about before (see Facebook Notification Center phishing email) it's quite possible for people to send you phishing email messages purporting to be from Facebook. In the last few months, people have also figured out how to send viruses and other unsavory messages from within Facebook itself.

This is both disappointing and unsurprising, because as soon as something becomes popular people start trying to game it and use it for their own commercial purposes, independent of its evolving best practices. Spammers on Twitter are a great example of this too.

Back to Facebook, though.

I recently received a spam message from within Facebook, from a friend who I know for sure didn't explicitly send it. It even used the slick technique of pointing to a "tinyurl.com" shortener to make it even more difficult to figure out where you'd go.

It looked like this:

facebook phishing mail

A little bit of digging on the Linux command line shows the progression of the TinyURL pointing to a slightly expanded http://tinyurl.com/nospam.php?id=o3chpj which then leads to a note that:

URL Terminated:
The TinyURL (o3chpj) you visited was used by its creator in violation of our terms of use. TinyURL has a strict no abuse policy and we apologize for the
intrusion this user has caused you.

Best strategy? To just delete the message without clicking on the link or trying to figure out where it's pointing. You can do this by clicking on "Delete" above:

facebook delete confirm window

Confirm with another "Delete" and you can go on your merry way.

As a general rule, whether it's Facebook, LinkedIn, Twitter or anything else, if you get a message that seems suspicious then delete it. If you're not sure, then email the sender and ask about it. And, as always, be careful out there!



Help others find this article at Del.icio.us, Digg, Netscape, Reddit, and Stumble Upon    

Subscribe!

Never miss another useful Q&A article again! Subscribe to AskDaveTaylor with Google Reader.

Comments

i clicked on a similar link, or maybe it was the same. its a very short link and my friend had it on his myspace status saying "my new home video" it opened up some windows, and then it said it on my status. i got to get into myspace and change my pw twice, but sometimes it still closes. but i havent been able to go on facebook since. i had the same email address and pw on facebook, but i cant even log in without the window closing almost as soon as i type in facebook.com in the window. how can i fix this? i need to warn my friends not to click on that link. ive ran a virus scan and it said it got rid of a trojan virus. and now when i run the scan it says its clean but i still cant go into facebook...not just the log in page but anything that has to do with facebook/ closes...ive tried deleting cookies, history and all that, can you help me???

Posted by: amy kim at June 10, 2009 11:00 AM

I have a lot to say, but ...
Starbucks coffee cup I have a lot to say, and questions of my own for that matter, but most of all I'd like to say thank you for all your efforts on this Web site by buying you a chai!

I do have a comment, now that you mention it!











Remember personal info?


Please note that I will never send you any unsolicited commercial email. Ever.

While I'm at it, please note that by submitting a question or comment you're agreeing to my terms of service, which are: you relinquish any subsequent rights of ownership to your material by submitting it on this site.









Uniblue: Free Virus Scan

Follow me on Twitter @DaveTaylor

Search
Find just the answers you seek from among our 2300+ free tech support articles by using our Lijit search engine.


Help!





Subscribe to
Ask Dave Taylor!

Add to Google Reader
Add to My Yahoo!
Subscribe in NewsGator Online

RDF   XML

Free Updates!
Sign up and get free weekly updates and special offers on books, seminars, workshops and more.


Recent Entries
Book Links
© 2002 - 2009 by Dave Taylor. All Rights Reserved.

Note: This web site is for the purpose of disseminating information for educational purposes, free of charge, for the benefit of all visitors. We take great care to provide quality information. However, we do not guarantee, and accept no legal liability whatsoever arising from or connected to, the accuracy, reliability, currency or completeness of any material contained on this web site or on any linked site.

[whiteboard marker tray]
"Ask Dave Taylor®" is a registered trademark of Intuitive Systems, LLC.