Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider


Site Navigation










Issue 110 - January 2011 - Page 1

Pages in this month's issue:
  1. Facebook Account Update Phishing Scam Email
  2. Facebook Change Profile Picture to Cartoon Character Paedophile Warning Hoax
  3. Inaccurate Warning about Fake $50 Australian Banknotes
  4. Driving With Snow on Car Roof Fixed Penalties Hoax
  5. Elephant Encounter Story - Not the Same Elephant
  6. Facebook Warning Post - Apps Sending 'Not Very Nice' Messages Using Your Name
  7. Google Romance Malware Email
  8. St.George Bank Phishing Scam Emails
  9. New Fall Hat - Image of President Obama Wearing an Acorn Hat and Smoking
  10. BT Service Cancellation Notice Phishing Scam
  11. Liverpool and Manchester Shopping Centre Bomb Threat Hoax
  12. Adobe Acrobat Upgrade Phishing Scam Emails
  13. The Amazing Typewriter Art of Paul Smith
  14. Indian Government Award Advance Fee Scam
  15. Slow Dance Charity Hoax
  16. Chinese Hair Bands Made From Used Condoms
  17. Baby With Facial Deformity Money for Forwarding Hoax
  18. F-15 Crash Sequence Images
  19. Tampa Bay Beach Sea Monster

Issue 110 Start Menu

Next Article

Facebook Account Update Phishing Scam Email

Outline
Email, purporting to be from Facebook, claims that Facebook is implementing a new login system and that the user must therefore follow a link in the message to update his or her account.



Brief Analysis
The email is not from Facebook. In fact the message is a phishing scam designed to steal Facebook login details.

Bookmark and Share
Detailed analysis and references below example.

Enter your email address to subscribe to the Hoax-Slayer Newsletter:




Last updated: 22nd December 2010
First published: 22nd December 2010
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer


Example
Subject: Facebook Account Update

Dear Facebook user,

In an effort to make your online experience safer and more enjoyable, Facebook will be implementing a new login system that will affect all Facebook users. These changes will offer new features and increased account security.
Before you are able to use the new login system, you will be required to update your account.
Click here to update your account online now.
If you have any questions, reference our New User Guide.
Thanks,
The Facebook Team

Facebook Phishing Scam Email




Detailed Analysis
This email, which purports to be from social networking website, Facebook, claims that Facebook is about to implement a new login system. The message claims that Facebook users must follow a link in the message to update their details before they will be able to use the new system.

However, the email is not from Facebook and the claim that Facebook users are required to update their account details is untrue. In fact, the email is a phishing scam designed to steal Facebook login details from unsuspecting users. To further the illusion of legitimacy, the email is designed and formatted to resemble a genuine Facebook message. Those who fall for the ruse and follow the link in the bogus email will be taken to the following fake Facebook login page:

Fake Facebook Login Page

The fake login page has been created so that it looks like a genuine Facebook login.

If a victim enters his or her username and password on the bogus page and clicks the "Login" button, the following pop-up notice will be displayed:

Bogus Facebook redirect notice

The notice claims that the account confirmation has been completed. Clicking the "OK" button takes the user to the genuine Facebook website.

Users who submit their login details on the fake page will actually be sending their username and password directly to the criminals running the phishing scam. Because the scam notice redirects to the genuine Facebook website, the victim may not realize that his or her account has been compromised until it is too late.

Once they have stolen this information, the scammers can then login to their victim's real Facebook account and pose as the genuine user. They can also change account details thereby effectively locking the genuine user out of his or her Facebook account. Having successfully hijacked the user's account, the scammers can then use it to post spam and scam messages in the victim's name and steal any personal information stored in the account.

Phishing scammers regularly target Facebook users. Users should be very cautious of any email that claims to be from Facebook and asks them to click a link and provide login or other personal information.

Bookmark and Share



References
Fake Facebook Login Phishing Scam

Next Article

Issue 110 Start Menu

Pages in this month's issue:
  1. Facebook Account Update Phishing Scam Email
  2. Facebook Change Profile Picture to Cartoon Character Paedophile Warning Hoax
  3. Inaccurate Warning about Fake $50 Australian Banknotes
  4. Driving With Snow on Car Roof Fixed Penalties Hoax
  5. Elephant Encounter Story - Not the Same Elephant
  6. Facebook Warning Post - Apps Sending 'Not Very Nice' Messages Using Your Name
  7. Google Romance Malware Email
  8. St.George Bank Phishing Scam Emails
  9. New Fall Hat - Image of President Obama Wearing an Acorn Hat and Smoking
  10. BT Service Cancellation Notice Phishing Scam
  11. Liverpool and Manchester Shopping Centre Bomb Threat Hoax
  12. Adobe Acrobat Upgrade Phishing Scam Emails
  13. The Amazing Typewriter Art of Paul Smith
  14. Indian Government Award Advance Fee Scam
  15. Slow Dance Charity Hoax
  16. Chinese Hair Bands Made From Used Condoms
  17. Baby With Facial Deformity Money for Forwarding Hoax
  18. F-15 Crash Sequence Images
  19. Tampa Bay Beach Sea Monster