Facebook is a beloved brand used by millions of users around the world – so naturally, it’s a great tool in a cybercriminal’s arsenal as it widens his or her victim pool significantly.
MailGuard intercepted a phishing email purporting to be from the social media giant earlier today (AEST). The email infiltrated inboxes using the display name ‘Facebook’ with a domain to match. MailGuard understands the email actually comes from a single compromised domain made ad-hoc for this scam.
The email is titled ‘Action Required’ and begins its body by informing recipients that their ability to post any new ‘stories and/or events’ has been disabled on the platform until their identity can be verified. The email then requests the recipient to aid in verifying their identity by providing scanned copies of valid IDs such as their Driver's Licence, Passport, and Medicare card.
Here's a screenshot of the email:
This is a phishing email designed to harvest the confidential data of Facebook users for malicious intent, such as committing identity theft.
Whilst MailGuard is stopping this email scam from reaching Australian businesses, we encourage all users to be extra vigilant against this kind of email and whatever happens, do not respond to it.
This email scam preys on Facebook’s 800m+ users who use the social media network to view and post new content on an everyday basis. By claiming to disable such a key feature of the platform, cybercriminals behind the scam aim to spark panic and concern among recipients, motivating them to rectify the situation as soon as possible. Several techniques have also been employed to boost the legitimacy of the email, such as a convincing sender domain.
Despite this, several red flags appear in the email that would make any eagle-eyed recipient conscious of its inauthenticity. These include formatting errors (such as a different colour and font sizes of text within the list of scanned documents to provide) as well as spacing issues.
If you have received this email, report it to phish@fb.com or through the report links that appear throughout Facebook. More information can be found on Facebook’s Help Centre.
To reduce the risk of being tricked by one of these scams, you should immediately delete any emails that:
- Appear to be from a well-known organisation, typically a bank or service provider and are not addressed to you by name and may include poor grammar.
- Ask you to click on a link within the email body in order to access their website. If unsure call the company directly and ask whether the email is legitimate
- Offer money, reward or gift to entice you to hand over your personal details
- Ask you to submit personal information that the sender should already have access to or should not be requesting from you in the first place
One email
Cybercriminals use email scams to infiltrate organisations with malware and attack them from the inside.
All criminals need to break into your business is a cleverly worded message. If they can trick one person in your company into clicking on a malicious link they can gain access to your data.
For a few dollars per staff member per month, you can protect your business with MailGuard's predictive email security.
Talk to an expert at MailGuard today about making your company's network secure: click here.
Stay up-to-date with new posts on the MailGuard Blog by subscribing to free updates. Click on the button below:
