Another day, another email scam that uses Facebook to trick unsuspecting users into visiting a shady pharmaceutical site. If the word “another” is confusing you, let’s just say that this style of scam isn’t making its first lap around the track.
Sophos’ Naked Security blog is alerting Facebook users to a new email spam campaign that promises them something new and shiny that’s frankly pretty hard to resist: a brand new look for the Facebook profile.
The email contains official-looking Facebook graphics and reads “You now have a new kind of profile. It is your collection of the photos, posts, and experiences that tell your story. Visit Facebook to choose your cover photo, add important events and photos from you past, and more.”
Clever, although it simply sounds like a description of the Facebook Timeline.
But the scammers aren’t that clever.
“If you look closely, you’ll notice that the spammers did a bad job of forging the ‘From:’ address in that email, but if you hover your mouse over the links contained inside the email you’ll see more evidence that something strange is going on,” says Sophos’ Graham Cluley.
If you click on the link, instead of going to Facebook you’ll be taken to a website for the “Toronto Drug Store.” That landing location has been used in numerous email scams in the past. Of course, by visiting the “Toronto Drug Store,” you’re most likely earning money for the spammers who are trying to drum up traffic for the sketchy site.
And there’s always the threat of malware.
The setup of this scam is particularly tricky, considering the backlash that Facebook has received over its mandatory shift to the new Timeline profile structure. Some users remain upset about the new design, so any email offering a new type of profile is going to be especially tempting to them.
Another recent Facebook-oriented scam affected users’ news feeds. Scammers offered something called “Facebook Black,” claiming that users could change the visuals of their Facebook UI. Of course, Facebook Black doesn’t exist, and those who clicked were being scammed.