I got the strangest email, unlike anything I’ve seen from Facebook, telling me that I have a message to pick up on the site, but not giving me any of the message. Then it included a weird URL at which I was supposed to log in (even though I am already logged in to Facebook) so I could pick up the message. I stopped and decided I’d check with Guru Dave. So, is it legit?
I know what you’re talking about because I got a wave of about twenty of them in the last fifteen minutes. They’re all from
and here’s a typical message contents:
Personal Message To You From your friends at facebook video server:
Subject: ” Review – My family invite you out for lunch, don’t hesitate!”
Read Description for a link to part 1 Original Video added by group member.
You will see a link to Open Your Personal Message Manager.
Selecting this link will take you to the log in page where you can browse new messages.
Proceed to open full message text:
http://login.facebook.management.videomessageid-poi9y94yn.sessionnewid83.com/home.htm?/Management/LOGIN=tun9unnnz3fxm9q
Sincerely, Lindsey Whalen.
Facebook 2009 Message Center.
Now it might be the case that there really is a Facebook 2009 Message Center, but I doubt it.
The clue is in the URL if you look at it close enough. On first blush it looks like it says “http://login.facebook” which is legit, right?
Ah, but keep reading that URL. In fact there are all sorts of subdomains included to confuse you, but the final, proper domain is “sessionnewid83.com” and that’s most assuredly not Facebook. In fact, it’s registered to someone in Devon, Pennsylvania and I’m sure they have no idea that their site is involved in this phishing attempt. Proceeding to the site (which I’ve done so you don’t have to) drops you onto a page that looks kinda like Facebook, but has a huge video in the middle. Click on it to play it and you suddenly download “Adobe_Player11.exe”.
WHooooaaa! Anytime you see a “.exe”, run like heck. Delete it, do NOT click it or see if it works for you. If you want Adobe Player, go to http://www.adobe.com/ directly. Because… it’s a virus waiting to infect your computer.
All in all, this is a somewhat clever phishing attempt. They want you to blithely log in and give them your Facebook credentials, with which they’ll hijack your account and have a good time. Not what you want to have happen, I’m sure!
Delete these messages, log in to Facebook as usual, and if you have messages pending, you’ll see ’em as always.
FIND FRINDS BLOK WHY?
My email tks