Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

facebookmail.com is legit?


  • Please log in to reply
11 replies to this topic

#1 puravida999

puravida999

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:10:54 AM

Posted 25 May 2015 - 11:37 PM

Hi everyone, today I'm a bit concerned about facebook. I put my altenative email in the "forgot my password" in facebook and oh surprise! someone used my email to register his facebook account 27 days ago. The guy was named the same but I'm concerned why was he allowed to register with my email?

 

I went to my email and changed the password of his facebook and then requested a delete of his account. So I received this messages in my email from facebookmail.com , this sent me the right codes to introduce to change my password but reading online they say it is a pishing link, anyone know anything about this?



BC AdBot (Login to Remove)

 


#2 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,661 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:54 PM

Posted 26 May 2015 - 05:18 AM

Hi puravida :)

According to this Facebook Support article, the @facebookmail.com address is legitimate and belongs to Facebook indeed.

https://www.facebook.com/help/202744123101612?sr=2&query=facebookmail.com&sid=0UOSWvX8jv1SoqdCM

Edit: Also, if I check some of the emails I receive from Facebook due to the notifications, I get this:

auBoc6o.png

So it's indeed legitimate.

Edited by Aura., 26 May 2015 - 05:20 AM.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#3 puravida999

puravida999
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:10:54 AM

Posted 26 May 2015 - 07:15 AM

Hi puravida :)

According to this Facebook Support article, the @facebookmail.com address is legitimate and belongs to Facebook indeed.

https://www.facebook.com/help/202744123101612?sr=2&query=facebookmail.com&sid=0UOSWvX8jv1SoqdCM

Edit: Also, if I check some of the emails I receive from Facebook due to the notifications, I get this:

auBoc6o.png

So it's indeed legitimate.

Thank you for your answer, I just forgot to say this emails were like "notification+kr4mqmknaean@facebookmail.com"  and changed the "kr4mqmknaean" everytime, does it make any difference?

, and what about someone using my email for his facebook? wasnt he supposed to confirm the link sent to the email?  :scratchhead:


Edited by puravida999, 26 May 2015 - 07:18 AM.


#4 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,661 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:54 PM

Posted 26 May 2015 - 07:32 AM

I didn't post the email address used to send the Facebook notifications (just in case there's personal information on it), but the sender's email is in the same format as yours. And I couldn't tell you to be honest. Was the account just created, or also activated and in use?

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#5 puravida999

puravida999
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:10:54 AM

Posted 26 May 2015 - 07:48 AM

I didn't post the email address used to send the Facebook notifications (just in case there's personal information on it), but the sender's email is in the same format as yours. And I couldn't tell you to be honest. Was the account just created, or also activated and in use?

Looks like created about 1 month ago because that's when the first picture was uploaded. The guy looks legit, has my same name but not last name. Also he has family members in his friends lists(because they have same last name). 



#6 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,661 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:54 PM

Posted 26 May 2015 - 07:49 AM

I would send an email to Facebook Support about that. Maybe they can explain what happened.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#7 puravida999

puravida999
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:10:54 AM

Posted 26 May 2015 - 07:51 AM

ok, thanks  :thumbup2:

 

pd. what is their contact email?


Edited by puravida999, 26 May 2015 - 07:53 AM.


#8 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,661 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:54 PM

Posted 26 May 2015 - 07:52 AM

No problem, my pleasure :)

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#9 puravida999

puravida999
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:10:54 AM

Posted 26 May 2015 - 07:33 PM

No problem, my pleasure :)

Ok so I contacted facebook community and they told me to find the verification email that was sent to my email when this guy registered with my email. I went and find that verification (the message wasnt even open) which leads me to think this guy just made a mistake while entering his real email and put mine (since my email is like name_xx_xx type) and probably facebook in that time didnt request verification in order to start using facebook.  :nono:

 

This guy hasn't do anything with his facebook since 20 days ago which maybe means that facebook wanted him to finally verify the email he entered(mine) but he couldn't do it because he didnt have my email password.

What are your thoughts?  :rolleyes:


Edited by puravida999, 26 May 2015 - 07:38 PM.


#10 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,661 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:54 PM

Posted 26 May 2015 - 07:35 PM

It looks logical to me. It's really easy to mistype an email address, even more so when you use a common one and only one letter or number is different from yours than another one. Their strict "verification" policy wasn't enforced until a small time ago. Even I at the beginning didn't have to verify my email so.

Edited by Aura., 26 May 2015 - 07:35 PM.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#11 puravida999

puravida999
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:10:54 AM

Posted 26 May 2015 - 08:46 PM

Yeah, but maybe the reason he stopped using his fb wasnt because he couldnt verify it because when I logged in with his facebook (using the password sent to my email) I still didn't need any confirmation. So like I said as he probably registered before facebook asked for verification then he was allowed to keep using that account.

Anyways, I think everything is clear now. Thanks for your help.  :thumbup2:


Edited by puravida999, 26 May 2015 - 08:49 PM.


#12 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,661 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:54 PM

Posted 26 May 2015 - 08:48 PM

He might have realized that by now and created a new one using his real email address now, and since he can verify it, he have no need for the older account with yours.

And no problem puravida, it was my pleasure :)

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.





1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users