Thanks to Gmail and the spam filtering that runs behind it, we have been spared thousands of phishing emails sent from bogus email ids claiming to be from sites like Facebook, PayPal, and many others. Yet users on Facebook are not spared, as they are targeted directly on the social network itself through spam messages and rogue application invites sent via Facebook Messages.
Recently, the social media giant Facebook filed new documents with the Securities and Exchange Commission (SEC), which revealed that, of its 955 million users, 8.7 percent of Facebook profiles were fake, and nearly 14 million accounts were used only to spread spam messages.
This has not only resulted in a spammy network, but has also given hackers and spammers the best way to compromise Facebook accounts and steal user information. Many users who are tricked into clicking on spam links often fall for the trap and end up sharing their personal information with the spammers. This has been a serious issue for the past two years, and Facebook has made several attempts to create awareness amongst users.
In another attempt, the social media giant is taking its next steps to eradicate spammers and phishing messages from the network. With this, the company announced the launch of email@example.com, an email address available to the public to report phishing attempts against Facebook. Anyone – even those who aren’t on Facebook – can use it to report malicious emails that pretend to come from Facebook.
How is this going to help?
Facebook says, “By providing Facebook with reports, we can investigate and request for browser blacklisting and site takedowns where appropriate. We will then work with our eCrime team to ensure we hold bad actors accountable. Additionally, in some cases, we’ll be able to identify victims, and secure their accounts.”
Additionally, Mark Hammel, a Facebook engineer, says, “We have a pretty robust team here to deal with bad actors. This will give us extra visibility into people’s e-mail inboxes, where there wasn’t a good feedback mechanism in place.”
In a note on the Facebook Security page announcing the launch of firstname.lastname@example.org, the company has provided some helpful tips from the APWG on how to recognize potential phishing emails:
- Be suspicious of any email with urgent requests for login or financial information, and remember, unless the email is digitally signed, you can’t be sure it wasn’t forged or “spoofed.”
- Don’t use the links in an email, instant message, or chat to get to any Web page if you suspect that the message might not be authentic or you don’t trust the sender. Instead, navigate to the website directly.
As a Facebook user, you are advised to use this email id to report any suspicious email or Facebook message that you receive, even if it comes from a friend on Facebook. Chances are that your friend's account has been compromised and the hacker is trying to obtain information from you to hack your account as well.
The best practice I would suggest is to ignore any emails or requests asking you to share personal information, such as your username, password or bank details. However, it would be really helpful for Facebook if you alert them about the attack using the new email address, which could keep others from falling for the trap.
Also, be sure to create awareness about the new email id. Do share this post with your friends and let them know how to identify potential Facebook phishing emails.