Hello, some pictures from Facebook

by on August 19, 2011

Due to the amount  hits and questions we get about some of the spam, virus, and phishing emails people receive I  am going to try to post  more of the emails we have sent to us online. I know there are a million site that do this so we aren’t going to just post it I am also going to help you recognize to help you spot these emails so you are not fooled by them.

This is an email I personally received.  The subject was simply Hello??, the email showed it was from facebook, and the email read like this:

Hello Man,
I don’t know how to say it, but I’ve tryed before a long time to send you some photos, but I’ve thought that you aren’t interested to see me. But now I’m going to send you the Photos in the Attachment. Download the pictures and extract they, I’m sure that you will like they. The password is: 123456
Have a great day.

So could this be legitimate? I guess so, I know that I wondered if someone had pictures of something I attended and given a business card to.  3 things stood out to me right away, the message was from Facebook, it was sent to undisclosed recipients, and the email address was @ hi5.com.

Now let me break down my 3 reasons. Firstly,  I don’t have a facebook account (yes, I know i’m the only one). This is not really a cause for suspicion as many people do actually have a facebook account.

Secondly, as you can see from the screenshot , the message was sent to undisclosed recipients. This means that the sender BCC’d (blind carbon copied) everyone he sent it to. So that is a good indication that the email was sent to multiple people.  This is usuall the first and easiest indicator. if someone was sending you pictures with such a “personalized” and direct email, wouldn’t they just be sent to you directly?

Third, the email says it’s from facebook, however, the email address is info@hi5.com. If it was from facebook it would be info@facebook.com or something @facebook.com.  The email also had an attachment, and exe file. If someone attached pictures they would be in a .jpg  format and are usually just attached to the email itself.  Had i run the exe file I would no doubt have a fake antivirus take over my system. I didn’t run the file, but would like to in a virtual environment. When I do I will update this post.