I got a really weird email from a friend on Facebook: it was just a Web site URL and when I went to it, I got a warning message that it was “unsafe” and that it’d been blocked. What the heck? What’s going on?
As I’ve written about before (see Facebook Notification Center phishing email) it’s quite possible for people to send you phishing email messages purporting to be from Facebook. In the last few months, people have also figured out how to send viruses and other unsavory messages from within Facebook itself.
This is both disappointing and unsurprising, because as soon as something becomes popular people start trying to game it and use it for their own commercial purposes, independent of its evolving best practices. Spammers on Twitter are a great example of this too.
Back to Facebook, though.
I recently received a spam message from within Facebook, from a friend who I know for sure didn’t explicitly send it. It even used the slick technique of pointing to a “tinyurl.com” shortener to make it even more difficult to figure out where you’d go.
It looked like this:
A little bit of digging on the Linux command line shows the progression: the TinyURL points to a slightly expanded http://tinyurl.com/nospam.php?id=o3chpj, which then leads to this note:
URL Terminated:
The TinyURL (o3chpj) you visited was used by its creator in violation of our terms of use. TinyURL has a strict no abuse policy and we apologize for the intrusion this user has caused you.
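One way to do that kind of digging, as an added example that is not from the original post: the shell functions below ask a server for its response headers only (a HEAD request, so no page is downloaded or rendered) and list each redirect hop. The function names and the sample headers are constructed for illustration, and the 301 status in the sample is an assumption rather than TinyURL's recorded response.

```shell
# Added example (not from the original post). Function names are hypothetical.

# parse_hops: read raw HTTP response headers on stdin (the output of
# `curl -sI`) and print one "STATUS LOCATION" line per response.
# A response with no Location header is shown with "-".
parse_hops() {
  awk '
    { sub(/\r$/, "") }                      # headers end in CRLF; drop the CR
    /^HTTP\// {                             # status line starts a new response
      if (seen) print status, (loc == "" ? "-" : loc)
      status = $2; loc = ""; seen = 1; next
    }
    tolower($1) == "location:" { loc = $2 } # header names are case-insensitive
    END { if (seen) print status, (loc == "" ? "-" : loc) }
  '
}

# next_hop: ask one server where a link points without following it.
# -I sends a HEAD request (headers only), -s silences the progress meter,
# --max-time bounds the wait. Run it again on the printed Location to walk
# the chain one hop at a time.
next_hop() {
  curl -sI --max-time 10 "$1" | parse_hops
}

# sample_headers: constructed responses modelled on the chain described above.
# The 301 status is an assumption; the URL is the one quoted in the post.
sample_headers() {
  printf 'HTTP/1.1 301 Moved Permanently\r\n'
  printf 'Location: http://tinyurl.com/nospam.php?id=o3chpj\r\n\r\n'
  printf 'HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n'
}
```

Running sample_headers | parse_hops lists the 301 hop to the nospam.php address, followed by the final 200 response with no further redirect.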
Best strategy? To just delete the message without clicking on the link or trying to figure out where it’s pointing. You can do this by clicking on “Delete” above:
Confirm with another “Delete” and you can go on your merry way.
As a general rule, whether it’s Facebook, LinkedIn, Twitter or anything else, if you get a message that seems suspicious then delete it. If you’re not sure, then email the sender and ask about it. And, as always, be careful out there!
I’d also like to let you know that I have quite a bit of Facebook help here on the site and that I also have an Ask Dave Taylor Facebook Fan Page that I invite you to join.
Hello,
Have you anything to do with a supposed Dave Taylor, who’s registering lots of domains just to redirect to virus hosts?
I got tons of fake e-mails from LinkedIn linking to a site, for example, http://dhz75n3f.info/. If you click on it (take care!) you will be redirected to a .exe download site.
Ask for who is dhz75n3f.info and every other site, and you will always be there…
Maybe a sophisticated Joe job?
Hello, to whom this concerns: I hope you can help me. I tried to sign in to Facebook today and it said it has been disabled. Why? I am trying to locate my family. Can you help me please? Please email me at spider_0000@hotmail.com to let me know. Thanks again.
I clicked on a similar link, or maybe it was the same. It's a very short link and my friend had it on his MySpace status saying “my new home video”. It opened up some windows, and then it said it on my status. I got to get into MySpace and change my pw twice, but sometimes it still closes. But I haven't been able to go on Facebook since. I had the same email address and pw on Facebook, but I can't even log in without the window closing almost as soon as I type in facebook.com in the window. How can I fix this? I need to warn my friends not to click on that link. I've run a virus scan and it said it got rid of a trojan virus. And now when I run the scan it says it's clean but I still can't go into Facebook… not just the login page, but anything that has to do with Facebook closes… I've tried deleting cookies, history and all that. Can you help me???