Monday, August 29, 2011
Facebook notification emails invite spammers to imitate
Webroot has tweeted along a link to a Zdnet story giving examples of phishing attempts that imitate legitimate Facebook notifications. The link is here.
The complicated URL’s used by Facebook, and the buttons can appear on legitimate notifications, a possibility that invokes criticism for the story writer Ed Bott. But users can also check with their mouse without clicking whether links are legitimate.
Newer browsers, including Safari, Google’s Safe Browsing and Microsoft’s Smart Screen are supposed to be able to detect the phishing attempts. Many email programs like AOL will not correctly identify all of them.
What Bott offers her e is a good true-false quiz. It’s rather like a TSA quiz of employees expected to identify dangerous carry-ons.
A few months ago, spammers propagated a scam involving site “guessology” and fake surveys when misspellings of “Facebook” were keyed in. I reported this (Feb. 27, 2011) and some people confirmed running into this.