Facebook Scam Warning – Photo Tag Email Contains Malware Link

There’s another Facebook related scam circulating presently that you’d be advised to keep on the lookout for. Instead of actually residing of the social network itself like the free voucher or free product scams that we often see duped into clicking on, this one will appear in your email inbox.

Yesterday Sophos’ NakedSecurity blog explained how its SophosLabs intercepted messages from a spam email campaign that was designed to spread malware. Victims would receive an email, ostensibly from Facebook, alerting them to the fact that they had been tagged in a photo.

However, if someone clicks on the link they will be taken to a malicious iFrame script that exposes their computer to malware. After four seconds, the browser is directed to a seemingly innocuous Facebook page designed to fool the user.

Sophos provided some screen shots to show people what to look out for:

Facebook Malware email

Facebook Malware page

You may have noticed from the email that the ‘From’ address is actually spelled “Faceboook”. Incorrect spelling – especially of brand names – is one common indication that an email is fraudulent, although it is not too difficult for an adept hacker or spammer to spoof a source address. Hovering over a link to see where it wants to take you is always a sensible practice, and a good way of telling whether the email in your inbox is legitimate or a scam.

Have you been affected by this, or any other Facebook related scam? Please leave a comment to describe your experience so that others may learn what to look out for.


  1. Hmm it appears like your website ate my first comment (it was super long) so I guess I’ll just sum it up what I wrote and say, I’m thoroughly enjoying your blog.
    I too am an aspiring blog writer but I’m still new to everything. Do you have any tips for first-time blog writers? I’d genuinely appreciate it.

  2. I think everybody should check out the Scam Detector app. I believe they’re online as well.

Comments are closed.