Will your unread Facebook messages be deleted? Dream on, and don’t click on that email

Graham Cluley
Graham Cluley
@[email protected]

FacebookCybercriminals have spammed out messages claiming that recipients are at risk of having their unread messages on Facebook deleted.

The reason? To lure you into clicking on a link sent out by pill-pushers, that could end up making a hole in your pocket.

Here’s a typical example of an email that has been spammed out, claiming to come from “Facebook Administration”:

Facebook spam

Sign up to our free newsletter.
Security news, advice, and tips.

You haven’t been to Facebook for a few days, and a lot happened while you were away.

“A lot happened while you were away”?

Yeah, right.

Like you missed a few cat videos, and some folks who alerted the world to their Candy Crush addiction by allowing it to post messages on their Facebook feed, someone you went to high school with has been tagged in a photograph looking fat, and your Aunty Gladys has apparently liked an “OMG You won’t believe what happened in this video” survey scam.


Here is another example of a message sent out by the spammers:

Facebook spam

A lot has happened on Facebook since you last logged in. Here are some notifications you’ve missed.

When I clicked on the links on a test computer, I was redirected to a Canadian pharmacy website selling medications to “improve your bedroom performance”.

Canadian pharmacy website

As we’ve discussed many times before, you’re taking big risks by buying Viagra and similar drugs online – not only because of the harm which could be done to your health, but also because if whoever is promoting such websites have no qualms about driving traffic through fake Facebook email notifications, who knows what they would do with your credit card details?

But also, the links embedded inside the emails could have taken victims into other dangers. For instance, users could have been redirected to webpages that have been compromised and launch an exploit kit to silently install malware onto visiting computers, or a phishing page designed to steal Facebook credentials.

Be aware of the risks, and always be cautious about clicking on links in unsolicited emails. If you’re not sure if you a communication from Facebook is legitimate or not, log onto the site by visiting it directly (https://www.facebook.com), not by clicking on a link in an email.

If you are on Facebook, and want to be kept updated with news about security and privacy risks, and tips on how to protect yourself online, join the Graham Cluley Security News Facebook page.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.