Beware fake Facebook notifications arriving in your email

Many Naked Security readers have been in touch asking about emails they have received, claiming to come from Facebook.

The emails, which don’t – of course – really come from Facebook, claim that the recipient has “notifications pending”.

Subject: You have notifications pending

Hi,
Here’s some activity you have missed on Facebook.

4 friend request

[Go To Facebook] [See All Notifications]

You have to admit, the emails look pretty convincing. So it wouldn’t be at all surprising if many users were fooled into clicking on the link.

The link, of course, could go to anywhere. It could go to a phishing website, a webpage hosting a malicious download or something else unsavoury. When I tested the link in the emails I saw, they took my computer (via some redirects) to a Canadian pharmacy website offering to sell me Viagra and Cialis to improve my perfomance between the sheets.

Chances…

Read more in my article on the Naked Security website.

Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.

Graham Cluley •   @gcluley

Graham Cluley is a veteran of the cybersecurity industry, having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy. Follow him on Twitter, Mastodon, Bluesky, or drop him an email.