Facebook Account compromised. Is there any way to stop the phishing?
September 12, 2008 7:35 AM

My cousin's Facebook account was compromised and some person or bot is sending spam to his Facebook friend list. He canceled his Facebook account a month ago, but spam keeps arriving in my email box -- as if my cousin is still a Facebook member. The spam seems to be arriving from a legitimate Facebook domain.

To make it worse, he is a young man just starting college and these spams are going out in his name. Not good for his social life. I'm trying to help him. He is distressed by this. Canceling the Facebook account didn't stop the problem.

Is there anything that can be done???

Here is an example of the spam. (For confidentiality, I changed my cousin's name and my own Facebook id number.)

=========================
---------- Forwarded message ----------
From: Facebook (wallmaster+oscowy89@facebookmail.com)
Date: Thu, Sep 11, 2008 at 3:58 PM
Subject: FIRSTNAME LASTNAME wrote on your Wall...
To: FIRSTHAME LASTNAME

FIRSTNAME wrote on your Wall:

"You have a new crush! check it out go here
yourcrushisreal . com (remove the spaces)"

To see your Wall or to write on FIRSTNAMES's Wall, follow the link below:
http://www.facebook.com/n/?profile.php&id=MYFACEBOOKID#wall

Thanks,
The Facebook Team

___
Want to control which emails you receive from Facebook? Go to:
http://www.facebook.com/editaccount.php?notifications&md=etc... (I truncated this)

==========================

The Facebook Security Page has the following info:
"It is possible that malicious software was downloaded to your friend's computer or that their login information was phished in an attempt to send spam from their profile. We would like to investigate this issue further, but unfortunately, we cannot release information regarding a user’s account to anyone but the account holder. Please tell your friend to visit the Facebook Help Center and contact us."

The "contact us" link does not work and I don't see any way to contact Facebook.

Suggestions?
posted by valannc to Technology (8 answers total)
I'd investigate whether they're right about malware being on the computer first. Then once you've ruled THAT out, then you can contact the Facebook Help Center -- but find it by poking around in the Facebook web site rather than using any of the "contact us" links from one of those emails.

Or, you could find it IS malware after all, and getting rid of it will take care of the problem.
posted by EmpressCallipygos at 7:44 AM on September 12, 2008


The "From" address in email messages is absolutely untrustworthy, I can just as easily send an email that looks like it comes from owner@facebook.com as I can my own.

What's likely happened is this person has gotten into your cousins facebook account and scraped all the information into a database, then every X days it just fakes an email using that old information to get some clicks. Doesn't matter that the account is dead since it's not actually touching Facebook.

Unfortunately, there's very, very little you're going to be able to do to solve it. It's not really Facebooks problem (since the email isn't actually orignating from them, only seeming to) so there's nothing they can do to actually stop it.

My only suggestion is to get your cousin to email all his friends, let them know what's happened and tell them to ignore any emails that seemingly come from his facebook account.
posted by Static Vagabond at 7:55 AM on September 12, 2008


Can you show us the email headers? That will give a better idea if the message really came from Facebook.
posted by justkevin at 7:59 AM on September 12, 2008


You let facebook email you? why? Well, turn off all facebook emails now. If your still getting emails, then it's not facebook's fault. Do you have any direct control over your spam filters.
posted by jeffburdges at 10:11 AM on September 12, 2008


It's impossible to tell without the headers, but that e-mail looks legit, like it came from Facebook. Did you see a corresponding post on your Wall? Can you see your cousin's Facebook profile?

As the first step, your cousin should log in to his Facebook account, change his password, and then deactivate it again. If the spammers changed his password, he may have to use the e-mail password recovery feature before he can log in.
posted by qvtqht at 1:07 PM on September 12, 2008


No solution here, but I've been getting the same emails from a friend's facebook account, or supposedly so, and have assumed they are spam, too.
posted by purenitrous at 3:45 PM on September 13, 2008


Thanks to all for your responses.

I don't have any additional header info. This is all the my gmail provides.

I doubt these spams are coming from facebook. My cousin canceled his facebook acct weeks ago. There was nothing posted on my facebook wall. I think these are spammers who took my cousin's friend list. And nothing can be done.

Next time I visit the relatives, I will scan their computer for malware.
posted by valannc at 3:57 PM on September 14, 2008


You can get the header info on gmail by clicking the dropdown menu in the top right corner of the email (right next to the "reply" button) and selecting "show original". You'll get a plain text version of the message showing all the headers.

I tend to agree with the commenters above that the emails aren't coming from Facebook and therefore there's not much you can do.
posted by ScottMorris at 7:22 PM on September 15, 2008


« Older How far is enough?   |   So... not Hemingway. Newer »
This thread is closed to new comments.