Security researchers warn that rogue emails posing as message notifications from Facebook direct recipients to rogue online pharmacy websites.
The emails carry the subject line "You have 1 lost message on Facebook" and claim that a message could not be delivered because the inbox is full. They read:
"Facebook sent you a notification. You have 1 lost message on Facebook, to recover a message follow the link below: [link] FAQ: Can you recieve messages if your inbox is full?"
Of course, this is all made up. Facebook has no feature for recovering lost messages, and the Facebook inbox has no size limit.
All the links included in the emails lead recipients to Canadian Family Pharmacy websites, which try to sell prescription and male enhancement drugs.
The Canadian Family Pharmacy brand replaced the old Canadian Pharmacy brand after the closure last October of SpamIt, the largest rogue pharmacy affiliate program.
"Of course, the people behind this spam campaign could change where they point you at any time, or vary the destination depending on what type of browser or operating system you are running, or where you are based in the world," says Graham Cluley, a senior technology consultant at antivirus vendor Sophos.
Such is the case with another spam campaign that currently sends Facebook-themed emails and leads users to drive-by download exploits in an attempt to infect them with the ZeuS banking trojan.
The impersonation of social media websites is common and Facebook users have been targeted in such scams many times before. Users are advised to always treat unsolicited emails with caution, regardless of whether they originate from a trusted source or not.
The destination of links should be checked before clicking on them and any attachments should be scanned with online services like VirusTotal.
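The link check advised above can be automated for a mail queue or an abuse mailbox. The following is an added example, not code from the article or from Sophos: it parses a constructed message modelled on the quoted lure and reports every link whose real destination is outside the brand's domains, whatever the visible text says. The `BRAND_DOMAINS` allow-list and all `.example` hosts are assumptions.

```python
from email import message_from_string
from email.policy import default
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: domains the claimed sender legitimately links to.
BRAND_DOMAINS = {"facebook.com", "fb.com"}

# Constructed sample modelled on the lure quoted above; hosts are placeholders.
SAMPLE = """\
From: Facebook <notification@facebook.example>
Subject: You have 1 lost message on Facebook
Content-Type: text/html; charset="utf-8"

<p>You have 1 lost message on Facebook, to recover a message follow the link below:</p>
<a href="http://pharmacy.example/offer">http://www.facebook.com/inbox</a>
<a href="https://www.facebook.com/help">FAQ</a>
<a href="http://facebook.com.login.example/x">Sign in</a>
"""

class LinkCollector(HTMLParser):
    """Collects [href, visible text] for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links = []
        self._open = False
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.links.append([dict(attrs).get("href") or "", ""])
            self._open = True
    def handle_data(self, data):
        if self._open:
            self.links[-1][1] += data.strip()
    def handle_endtag(self, tag):
        if tag == "a":
            self._open = False

def on_brand(host):
    # Exact match or true subdomain; 'facebook.com.login.example' fails both.
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in BRAND_DOMAINS)

def suspicious_links(raw):
    """Return (href, visible text) for links that leave the brand's domains."""
    msg = message_from_string(raw, policy=default)
    body = msg.get_body(preferencelist=("html",))
    parser = LinkCollector()
    parser.feed(body.get_content() if body is not None else "")
    return [(h, t) for h, t in parser.links if not on_brand(urlsplit(h).hostname)]
```

Calling `suspicious_links(SAMPLE)` returns the pharmacy link and the lookalike host, and leaves the genuine `www.facebook.com` link out.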