1 lost message on Facebook? Spammers pull a fast one with bogus notification

Facebook claims to have more than 750 million active users, and many of them would have steam coming out of their ears if they thought they had lost a message from one of their Facebook friends.

And that’s exactly what spammers are banking on in their latest campaign, where they have sent out messages pretending to come from Facebook:

You have one lost message on Facebook

Facebook sent you a notification

Sign up to our free newsletter.
Security news, advice, and tips.

You have 1 lost message on Facebook, to recover a message follow the link below: [LINK]

FAQ: Can you recieve messages if your inbox is full?

The spammers might also like to check their dictionary next time they compose an email. They’ve spelt “receive” incorrectly – as my mum always told me, it’s “i before e, except after c”.

Of course, in your hurry to read a missing message you may not have noticed the spelling mistake and may have blindly clicked on the link.

Can you guess what you’ll find at the other end?

Well, I must admit I was fully expecting to come across a phishing site – designed to steal my Facebook username and password by providing me with a bogus login screen. But instead, when I tried the link, I was redirected to a Canadian pharmacy website trying to pimp drugs to me instead.

Canadian pharmacy website

Of course, the people behind this spam campaign could change where they point you at any time, or vary the destination depending on what type of browser or operating system you are running, or where you are based in the world.

Always remember to be on your guard when receiving unsolicited emails. It’s child’s play to forge a “from:” address or to create an HTML email which looks at first glance to be the genuine article. A nice font and corporate colours do not a legitimate email make.

Hat tip: Thanks to reader Remy for sending us a tip about this spam campaign.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.