Industry guru Dave Taylor offers free tech support on a wide variety of technical and business topics, including HTML, Apple iPhone, online advertising, Cascading Style Sheets, Web design, management, Unix, Linux, search engine optimization, online dating, Mac OS X, shell script programming and Microsoft Windows.

Is email from "Facebook Notification Center" legitimate?

I got the strangest email, unlike anything I've seen from Facebook, telling me that I have a message to pick up on the site, but not giving me any of the message. Then it included a weird URL at which I was supposed to log in (even though I am already logged in to Facebook) so I could pick up the message. I stopped and decided I'd check with Guru Dave. So, is it legit?

Dave's Answer:

I know what you're talking about because I got a wave of about twenty of them in the last fifteen minutes. They're all from

Facebook Info Center <messagecenter@facebook.com>

and here's a typical message contents:

Personal Message To You From your friends at facebook video server:
Subject: " Review - My family invite you out for lunch, don't hesitate!"

Read Description for a link to part 1 Original Video added by group member.
You will see a link to Open Your Personal Message Manager.
Selecting this link will take you to the log in page where you can browse new messages.

Proceed to open full message text:

http://login.facebook.management.videomessageid-poi9y94yn.sessionnewid83.com/home.htm?/Management/LOGIN=tun9unnnz3fxm9q

Sincerely, Lindsey Whalen.
Facebook 2009 Message Center.

Now it might be the case that there really is a Facebook 2009 Message Center, but I doubt it.

The clue is in the URL if you look at it close enough. On first blush it looks like it says "http://login.facebook" which is legit, right?

Ah, but keep reading that URL. In fact there are all sorts of subdomains included to confuse you, but the final, proper domain is "sessionnewid83.com" and that's most assuredly not Facebook. In fact, it's registered to someone in Devon, Pennsylvania and I'm sure they have no idea that their site is involved in this phishing attempt. Proceeding to the site (which I've done so you don't have to) drops you onto a page that looks kinda like Facebook, but has a huge video in the middle. Click on it to play it and you suddenly download "Adobe_Player11.exe".

WHooooaaa! Anytime you see a ".exe", run like heck. Delete it, do NOT click it or see if it works for you. If you want Adobe Player, go to http://www.adobe.com/ directly. Because... it's a virus waiting to infect your computer.

All in all, this is a somewhat clever phishing attempt. They want you to blithely log in and give them your Facebook credentials, with which they'll hijack your account and have a good time. Not what you want to have happen, I'm sure!

Delete these messages, log in to Facebook as usual, and if you have messages pending, you'll see 'em as always.

Help others find this article at Del.icio.us, Digg, Netscape, Reddit, and Stumble Upon

Categorized: MySpace, Facebook, Twitter and Social Network Help (Article 8782)
Tagged: adobe, facebook, flash, hacking, phishing
Previous: What happened to my Facebook Request update box?
Next: How do I learn how to be a hacker?

Subscribe!

Never miss another useful Q&A article again! Subscribe to AskDaveTaylor with Google Reader.

Comments

Rather amazingly, there are no comments on this article yet.

I have a lot to say, but ...

I have a lot to say, and questions of my own for that matter, but most of all I'd like to say thank you for all your efforts on this Web site by buying you a chai!

I do have a comment, now that you mention it!