Recently, scammers have been using branding and language almost indiscernible from that of one of the world’s biggest social media platforms, and these phishing scams have been landing in email inboxes more regularly than ever. Facebook phishing scams look like the real thing, tricking users into revealing their login information, which gives scammers access to their account, or into downloading malware. Understanding what these scams are and how to identify them is vital to avoid falling victim. Here’s our guide to identifying email scams.
Phishing is the fraudulent practice of sending emails (or other messages) under the pretence that they are from a reputable company, in order to trick the user into revealing personal information, such as passwords or credit card information.
These bogus emails appear to be from Facebook specifically, often prompting us to take action regarding an account that has been ‘disabled’ or has ‘violated Facebook terms’. Scammers use urgency to panic users into taking immediate action. The phishing email urges the recipient to visit a website or provide information to recover their account. However, acting on these illegitimate claims will lead to the user being scammed. Although the email appears to have come from Facebook, with logos and images that make it seem legitimate, there are a few ways to discern it from the real thing.
These types of scams routinely become more sophisticated and harder to distinguish from the real thing. Fortunately, there are still several ways to identify a scam.
The first and easiest way to identify a Facebook phishing email scam is to check the sender's email address. Most phishing emails will use a fake email address that is designed to look like it is coming from Facebook. These fake email addresses may include variations of the Facebook domain name, but the only affiliated Facebook email addresses are as follows:
Phishing emails will often include links that take you to a fraudulent website that looks like Facebook. To check the validity of the link, hover your mouse over the link and check the URL that appears in the bottom left-hand corner of your screen. If the URL does not match the Facebook domain name or contains misspellings, it is likely a phishing link. Do not click on the link.
Phishing emails are often written in poor English and contain spelling and grammar mistakes. If you receive an email with numerous spelling and grammar mistakes, be suspicious and do not click on links or download any attachments.
A legitimate email from Facebook will typically address you by name and provide specific details about your Facebook account. If you receive an email that does not address you by name or does not provide specific details about your account, be cautious. Additionally, if an email is urging you to take immediate action or threatening to close your account if you do not click on a link or provide personal information, it is likely a phishing email scam. Simply try to log in to your Facebook account in a separate browser window. If it is in fact disabled, you won’t have access. If you do still have access, the email is a scam.
Phishing emails may contain attachments that, when downloaded, will infect your device with malware. If you receive an email with an attachment from an unaffiliated sender, do not download or open the attachment. Instead, delete the email immediately.
Whilst Facebook phishing email scams can be very convincing, it's important to remain vigilant when receiving emails that appear to be from Facebook. By following Sprocket’s guide outlined in this blog post, you can identify and avoid Facebook phishing email scams. We have recently seen a spate of scams coming from ‘Xero’ email addresses. If you receive an email of this nature and are unsure of its authenticity, feel free to reach out to us for advice.
With well over one hundred 5-star Google reviews, it's safe to say we are the real deal. Client relationships and demonstrable results are our priority. If you'd like to know more, we'll even let you talk to some real clients.