Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


I didn't fall for a Facebook email phishing scam, did I?

  • Please log in to reply
No replies to this topic

#1 ireallyhateviruses


  • Members
  • 35 posts
  • Local time:04:11 PM

Posted 16 June 2017 - 11:32 AM

Early this morning, I received three emails within ~15 minutes (note: the email account that received these emails *is* connected to my Facebook account) from security (at) facebookmail (dot) com [using ZuckMail, version 1.00], all titled "XXXXXX is your Facebook account recovery code."


The body of each email was the same, saying, "Hi [my first name], We received a request to reset your Facebook password. Click here to change your password. Alternatively, you can enter the following password reset code: XXXXXX. If you didn't reset a new password, let us know. Thanks, The Facebook Team."


I did not click the "click here to reset your password," link but I did click on "let us know" on all three emails, which opened Facebook in a new tab and said something like, "Thanks for letting us know" and, "Still having problems?" I pressed the "still having problems" link, which lead me to another page within Facebook with a cartoon robot. It took a few moments to check my account for suspicious activity. There was nothing unusual. I then changed my password.


I then received another email from security (at) facebookmail (dot) com [using ZuckMail, version 1.00], saying I changed my password.


After that, I did some Googling to see if anyone else had an email from Facebook saying "here's your account recovery code!" I saw a lot of answers that said, "Don't click any links in those emails! They're phishing scams! If you click on one of those links and change your password, you will get hacked!"


Well, now I feel like an idiot. Are the first emails really from Facebook?


I don't think I've received emails from Facebook with an account recovery code and I have had Facebook for ten years, and I didn't receive a text message from Facebook, warning me or sending me a code. (I have two-factor authentication with my cell number attached, and I'm supposed to get alerts about unrecognized logins. I don't know if I should have received a text message if someone tried to reset my email, but I thought I'd mention that.)


Being paranoid, I changed my Facebook password yet again...!


So, did I fall for a fake-Facebook email scam, or were they real emails from Facebook?

BC AdBot (Login to Remove)


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users