An email came in to me this morning warning me that I had deactivated my Facebook account.

It reads “You have deactivated your Facebook account. You can reopen your account at any moment by logging into Facebook using your old login email address and password. After that you will be able to exploit the site as usual.”

The colors and HTML matching Facebook are dead on. My name was correct and even an unsubscribe link was provided. Problem is that this is a very good phishing email. Phishing is when someone spoofs an e-mail in an attempt to falsely solicit information from a user for either profit or identity.

Clicking on these links will take you to a rogue site which will most likely be trying to hijack your Facebook account. As you can see in our photo below it is a very accurate email but when you line your mouse over the link you can see that it is not a Facebook link. This is a tip I have repeatedly shown people to avoid clicking on a rogue link, however it is still better to open Facebook (or any site you log in to) yourself or via bookmarks and login like you normally would.



With Ransomware spreading in the United States it is more important than ever to be careful what you click on. Ransomware is when someone manages to take control and lock your computer and demand a fee to unlock your computer. Consider using RoboForm Everywhere to safely and securely make sure you are logging in to the correct website.

Update:

This email also just arrived. The difference here is the links don’t work. The links go to http:/// so no one will be harmed by this one…. For now. One can safely assume this will be corrected on the next batch of emails. As you can also see they used @facebookmail.com rather than facebook.com so this one is full of fail but keep your eyes peeled for the corrected version to show up which will look as good as the first picture posted above.