In a new incident, an email came in which claimed to be a notification from Facebook. The subject line read ‘Your messages will be deleted soon baird.’ Well, it did end up in my spam email, but the subject line did make me curious as to why would a Facebook message go into spam? On analyzing the same, as usual, I opened it on my Gmail app, only to find out that the message was well camouflaged with a Facebook theme and font. The message in the body stated that ‘You haven’t been to Facebook for a few days, and a lot happened while you were away. Your messages will be deleted soon.’ Below the themed message window were two icons to ‘view the message’ and ‘go to Facebook.’ Apart from this, the footer on the email also looks like the genuine message footer from Facebook. It stated, ‘This message was sent to email@example.com. If you don’t want to receive these emails from Facebook in the future, please unsubscribe. Facebook, Inc. Attention: Department 415 P.O Box 10005 Palo Alto CA 94303.’ Do note that the messages to be deleted text, the two buttons and the unsubscribe text were all hyperlinked, leading to a website outside the mail box.
This could not be happening since most of our day usually goes checking out our Facebook timeline and we definitely don’t skip any messages. However, an unsuspecting victim would curiously click on the links (buttons) to know what messages are in store are for him, and check them out before it is ‘deleted by Facebook.’ Once clicked, the link takes you to a shopping website. The scamster’s work is done here. He has managed to trick you into viewing an ad, landing up on a website, that in turn pays him for each click and view. Victims who click it might think it was an error and try again. The same thing happens. Then he tries clicking on the other links too, which takes him to the same website, but different pages each time — the scamster wins again — he made a few cents off your click. Now imagine if this message sent by him around the world accounted in big numbers. He gets free money y simply tricking you into visiting the website for him.
Source: Deccan Chronicle