I got a really weird email from a friend on Facebook: it was just a Web site URL and when I went to it, I got a warning message that it was an “unsafe” and that it’d been blocked. What the heck? What’s going on?
As I’ve written about before (see Facebook Notification Center phishing email) it’s quite possible for people to send you phishing email messages purporting to be from Facebook. In the last few months, people have also figured out how to send viruses and other unsavory messages from within Facebook itself.
This is both disappointing and unsurprising, because as soon as something becomes popular people start trying to game it and use it for their own commercial purposes, independent of its evolving best practices. Spammers on Twitter are a great example of this too.
Back to Facebook, though.
I recently received a spam message from within Facebook, from a friend who I know for sure didn’t explicitly send it. It even used the slick technique of pointing to a “tinyurl.com” shortener to make it even more difficult to figure out where you’d go.
It looked like this:
A little bit of digging on the Linux command line shows the progression of the TinyURL pointing to a slightly expanded http://tinyurl.com/nospam.php?id=o3chpj which then leads to a note that:
intrusion this user has caused you.
Best strategy? To just delete the message without clicking on the link or trying to figure out where it’s pointing. You can do this by clicking on “Delete” above:
Confirm with another “Delete” and you can go on your merry way.
As a general rule, whether it’s Facebook, LinkedIn, Twitter or anything else, if you get a message that seems suspicious then delete it. If you’re not sure, then email the sender and ask about it. And, as always, be careful out there!
I’d also like to let you know that I have quite a bit of Facebook help here on the site and that I also have an Ask Dave Taylor Facebook Fan Page that I invite you to join.