'Facebook Technical Support' Pharmacy Spam

Outline
Email purporting to be a notification from Facebook Technical Support claims that the recipient has a message awaiting a response and he or she should click a "Go to Facebook" button to read the message.



Brief Analysis
The email is not from Facebook and the recipient does not have a technical support message waiting as claimed. Instead, the link in the message leads to a notorious "Canadian Pharmacy" website that attempts to sell dodgy pharmaceutical products to unwary Internet users. If you receive one of these spam messages, do not click on any buttons or links that it may contain.

Enter your email address to subscribe to the Hoax-Slayer Newsletter:

Scroll down to submit comments
Last updated: February 13, 2013
First published: February 13, 2013
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer

Example


Detailed Analysis
This email, which has been disguised so that it closely emulates a genuine Facebook notification email, claims that a message from Facebook Technical Support is awaiting a response from the recipient. The user is urged to click a "Go To Facebook" button, ostensibly in order to read the awaiting message.

However, clicking the button in fact opens a suspect Canadian Pharmacy website that tries to peddle visitors dodgy pharmaceutical products. The message has no connection to Facebook whatsoever. The spammers have simply copied the formatting and colour scheme of genuine Facebook messages as a means of enticing unsuspecting recipients into following their link.

The spammers apparently believe that that, by disguising their spam message as something completely unrelated to pharmaceutical products, it may effectively bypass spam filters as well as trick recipients into clicking the link and visiting the site. The spammers hope that at least a few recipients will actually stay on the site and purchase their suspect products. Since this is a tactic that has been used and reused over and over again, it obviously does work.

It is very foolish - and potentially dangerous - to buy medicines from one of these bogus pharmacy sites. Firstly, even if you do actually receive a product that you order, you have no way of knowing if it is the real thing or some potentially dangerous substitute. Secondly, because the medicine has not been properly prescribed by a doctor, it may interfere with other medications that you are taking or be unsuitable for you due to existing health conditions. Thirdly, these sites often use unsecure pages to process credit card transactions, which could certainly put your credit card details at risk. Fourthly, any group unscrupulous enough to use such deliberately deceptive spam tactics is not one you should trust with your credit card details or other personal information.

Such email campaigns are are very common spammer ruse. In a similar campaign, users received emails falsely claiming that their Facebook account had been deactivated. As in this example, links in the emails pointed to an online drug store. And spammers have also used bogus Twitter and LinkedIn emails that featured links to Canadian Pharmacy websites.

Users should be aware that such pharmacy spam websites are also known to harbour various types of malware, which if inadvertently downloaded by visitors, may steal personal information from the compromised computer and send it to Internet criminals.

References
Facebook Deactivated Account Spam
Pharmacy Spam Disguised as Twitter Emails
Fake LinkedIn Email Leads to Pharmacy Spam Website

Last updated: February 13, 2013
First published: February 13, 2013
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer