Today Sophos and their online security blog nakedsecurity has released a statement regarding potential malware infections from fake Facebook notification emails:

Be wary of emails claiming to be from Facebook, and saying that you have been tagged in a photograph.

Because it might be that you’re the next potential victim of a malware attack.

Can you spot the issues with the above image? The email appears to be from Facebook, but Sophos points out that the “from” email address misspells Facebook as “Faceboook”. The rest of the email seems legit, but the links in the email do not take you directly to Facebook, they take you to a website hosting malicious iFrame scripts that can put your computer at risk for malware infections. However, the website then redirects you to a Facebook page of a seemingly innocent individual.

With the seemingly endless popularity that Facebook has these days, electronic attacks like these will only continue to happen. Us users need to be continually vigilant on the links we click and things we open in emails and web browsers. Sophos offers the great tip of hovering your mouse over links to see exactly where the link takes you, which in the case of this attack it shows it’s not directing to the Facebook website. Computer software such as anti-virus and anti-malware programs can only do so much to protect users from malicious attacks, users must continue to smartly use the internet.