We get tonnes of notifications daily, but not all are as innocent as they seem.
That’s according to a security expert who warns fake notifications from the social network are on the loose.
The offending mails, which claim that the recipient has “notifications pending” don’t come from Facebook, although still looks “pretty convincing” says Graham Cluley, Sophos Security, on a blog.
However, where the mails take you is another matter – Sophos ran tests and found the malicious spam brought them to a Canadian pharmacy site offering sale of Viagra.
Click to enlarge
|Image: Sophos Security|
It is likely the spammers are making money per click by driving traffic to such a site.
However it could be to a phishing site, malicious download “or something else unsavoury,” he adds.
But the worrying thing is these ‘notificaitons’ look so real it may be very difficult to identify a spam ‘notification’ from an actual one.
However, having compared the fake with a Facebook generated one, it seems (to this writer anyway) the spammers fail to include specific details and information of your friends ‘notification,’ and the fakes are far more vague (see above).
But those behind the Facebook spam campaign could change its focus at any time, warns Cluley, meaning you
should “always be careful about the links that you click on, and be suspicious of unexpected emails.”
This comes as the social network recently added Microsoft, McAfee, TrendMicro, Sophos and Symantec as friends to its Security team as its membership swells closer to one billion.
This move will help over 901 million Facebook members defend their accounts against viruses, spam and phishing attacks, and brings “extensive automated enforcement mechanisms” that quickly shut down malicious pages, accounts and apps, Facebook said.