Some email scams are obvious, others are not. The best ones (or worst ones, rather) are those that take advantage of familiarity to trick you into clicking on them.
You have a new personal message
I recently received a email with the familiar Facebook colour scheme and layout. I noticed that the sender was not “Facebook” but was from some stranger, “Ava”.
The subject heading of the email read:
You have unread messages that will be deleted in a few days
Oddly, the familiar blue bar is missing the usual “Facebook” title, and yet most of us would visually recognise this as being from Facebook and not even notice the missing title. In fact, it was only after I scrutinised the contents more closely that I realised that the word “Facebook” doesn’t appear anywhere on the email.
How to protect yourself from such scam emails?
The easiest way to tell if emails like these are legitimate is to move your mouse cursor over any buttons or links in the suspect email and note the URL in the pop up.
Hovering over the “view messages” button reveals that it it doesn’t go to our Facebook inbox at all. Instead, a link to the spammer’s own website is displayed, to a page with the telling title: “incapacitate”. Wow, how brazen!
It is wise to avoid clicking on URLs in emails without paying close attention to where the link will take you.