FYI
Over the last couple days, I have received several legitimate emails addressed to me from Facebook that reported they received my request to reset my Facebook password. Then they provided a code for me to enter, as well as a link to click to enter that code.
I say "legitimate" only in the sense that they really did come from a legitimate Facebook email address. However, I never made such a reset password request so obviously, somebody tried to access my account.
Now this could have been someone with the same name as me who forgot their password and is innocently trying to access his account. Or it could be a bad guy trying to take over my account.
Either way, I wanted to warn users to (1) don't be "click-happy" on any links in such emails - just in case the email is malicious. Instead, visit the site and your account as you normally would by entering the address in your browser's address bar. And (2) make sure you use very strong, and unique passwords on your social media and other important accounts.
Note this certainly is not limited to Facebook. I occasionally receive similar emails from my bank, from banks I have no relation with, credit card companies, and from all sorts of on-line shopping sites. NEVER EVER click on any link in those emails. The emails could be malicious using a form of "social engineering" designed to trick us into revealing our passwords or other personal information. Again, visit the site by entering their address in your address bar. If the email is from your bank or credit card company, you can always phone them using a phone number you get directly from their site, or the back of your credit card. Don't use a phone number from those emails!
If you did not initiate contact with the site and you receive a "unsolicited" email (or popup), assume it is malicious and do NOT click on any link, attachment or download. Just delete the email (or close the popup).
Over the last couple days, I have received several legitimate emails addressed to me from Facebook that reported they received my request to reset my Facebook password. Then they provided a code for me to enter, as well as a link to click to enter that code.
I say "legitimate" only in the sense that they really did come from a legitimate Facebook email address. However, I never made such a reset password request so obviously, somebody tried to access my account.
Now this could have been someone with the same name as me who forgot their password and is innocently trying to access his account. Or it could be a bad guy trying to take over my account.
Either way, I wanted to warn users to (1) don't be "click-happy" on any links in such emails - just in case the email is malicious. Instead, visit the site and your account as you normally would by entering the address in your browser's address bar. And (2) make sure you use very strong, and unique passwords on your social media and other important accounts.
Note this certainly is not limited to Facebook. I occasionally receive similar emails from my bank, from banks I have no relation with, credit card companies, and from all sorts of on-line shopping sites. NEVER EVER click on any link in those emails. The emails could be malicious using a form of "social engineering" designed to trick us into revealing our passwords or other personal information. Again, visit the site by entering their address in your address bar. If the email is from your bank or credit card company, you can always phone them using a phone number you get directly from their site, or the back of your credit card. Don't use a phone number from those emails!
If you did not initiate contact with the site and you receive a "unsolicited" email (or popup), assume it is malicious and do NOT click on any link, attachment or download. Just delete the email (or close the popup).
Last edited: