It’s quite simple to confirm that an email originated from Facebook, but only if you know where to look. We demonstrate how. You most likely receive dozens or hundreds of emails every day. How many of those are forgeries, attempting to dupe you into disclosing critical personal or business information? Your company may send you to training on detecting fraud in phishing emails. If you’ve been paying attention, you’ve undoubtedly learnt not to fall for most phishing schemes.
If the sender’s email domain differs from that of the firm that supposedly sent the message, this is a red flag. A message from paypal.com may be OK; one from paypal-account-verify.com is unlikely to be. Notifications advising you that you must click a link before a certain date or lose access to your account are likewise very dubious.
It’s unfortunate that Facebook appears to be sending genuine email that triggers these red flags. How can you tell whether an email purporting to be from Facebook is genuine? The best security suites can identify phishing emails, but what if you want to double-check a particularly challenging message? I’ll walk you through the steps I took with one such email below.
A Weird Facebook Message
I became interested in this issue after an old buddy inquired about a slightly strange email he received, apparently from Facebook. It stated that because his posts had “the potential to reach a large number of people,” he must enroll in Facebook Protect. Not only that, but he’d be locked out of the account if he didn’t do so within three weeks. There’s that nagging deadline.
To top it all off, the message was sent from the domain facebookmail.com, not the facebook.com you’d anticipate. That’s two strikes in a row. Oh, and Facebook Protect was created for “candidates, their campaigns, and elected officials,” according to its own definition.
My acquaintance does not fit any of those descriptions. And yet… the message does not request money, his password, or anything else malicious. It’s insisting that he beef up his security.
How would that help a con artist? And, as bizarre as it may appear, Facebook says that it does send official emails from the facebookmail.com domain. Is it possible that the communication is genuine?
How to Check if an Email Is From Facebook
As it turns out, confirming that an email came from Facebook is quite easy, but only if you know where to look. This is how. Go to Settings: click your profile picture at the top right of your Facebook page, then select Settings & Privacy > Settings to enter the main Settings page.
Find the Facebook list: Security and Login should be near the top left. Click it, then scroll down to the Advanced section and choose the option “See recent emails from Facebook.” Match your message: if you find a match for the subject line of the suspicious mail, you can be quite certain it’s genuine.
Check both the list of Security-related notifications and the category labelled Other. Instagram offers a very similar feature, which is not unexpected given that Meta Platforms owns both Facebook and Instagram.
Alternative Methods of Verification
If the message in question does not appear in the list of emails sent by Facebook, it is likely a forgery. Yet, as this case shows, that is not always so. I sent the guidelines above to my buddy who received the suspicious mail.
He reported that nothing in the list of emails matched. On the other hand, he noted that Facebook has expanded the Facebook Protect program to include journalists.
He happens to be a journalist residing outside the United States. At this point, I was sure that, despite its oddities, the communication was most likely genuine. I went over the original message and reviewed all of its links to back up my decision.
A scam email that employs deadlines or other scare tactics to entice you to click a link will almost surely direct you to a harmful website. All of the links in this message go directly to facebook.com.
There remained the slim chance that someone had spoofed the sending address, email@example.com. Nothing I’d discovered thus far suggested any plausible reason for that kind of attack, but I looked anyway.
The Evidence Is in the Header
The header of every email message carries a collection of routing information and other metadata. This information isn’t meant for you; it’s for your email client to utilise. But if you want to look for indicators of address spoofing, you must examine the header data.
The way you read the header data of an email message depends on how you obtain your mail. In Gmail, click the More button (three vertical dots) to the right of the Reply icon and choose Display Original. This quickly showed that the mail passed three anti-spoofing tests: SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting & Conformance). That was all I needed to know; I didn’t bother selecting Download Original to see the exact header details.
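As an added example (not part of the original article), the following Python script applies the same three checks to a raw message: it reads the SPF, DKIM and DMARC verdicts from the Authentication-Results header that Gmail’s original-message view summarises, confirms the sender domain is one Facebook uses, and verifies that every link points at facebook.com. The sample message and the domain allowlist are constructed for this example.

```python
import email
import re
from email import policy
from urllib.parse import urlparse

# Domains the article names: genuine Facebook mail arrives from facebookmail.com
# and its links point at facebook.com. This allowlist is the example's assumption.
EXPECTED_SENDER_DOMAINS = {"facebookmail.com", "facebook.com"}
EXPECTED_LINK_DOMAIN = "facebook.com"

# Constructed sample, not a real Facebook message. Authentication-Results is the
# header Gmail's original-message view summarises into SPF / DKIM / DMARC verdicts.
RAW_MESSAGE = b"""\
From: Facebook <security@facebookmail.com>
To: recipient@example.com
Subject: Your account requires advanced security from Facebook Protect
Authentication-Results: mx.example.net;
 dkim=pass header.i=@facebookmail.com header.s=selector-placeholder header.b=AbCd1234;
 spf=pass (domain of security@facebookmail.com designates 192.0.2.10 as permitted sender) smtp.mailfrom=security@facebookmail.com;
 dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=facebookmail.com
Content-Type: text/html; charset=utf-8

<p>Turn on Facebook Protect: <a href="https://www.facebook.com/settings">Settings</a></p>
"""

def auth_results(msg):
    """Map spf/dkim/dmarc to their verdicts; the outermost receiver's header wins."""
    verdicts = {}
    for hdr in msg.get_all("Authentication-Results", []):
        for method, verdict in re.findall(r"\b(spf|dkim|dmarc)=([a-z]+)", str(hdr)):
            verdicts.setdefault(method, verdict)
    return verdicts

def link_hosts(msg):
    """Hostnames of every href in a single-part HTML body."""
    body = "" if msg.is_multipart() else msg.get_content()
    return {urlparse(u).hostname or "" for u in re.findall(r'href="([^"]+)"', body)}

def check_message(raw):
    """Apply the article's three tests: authentication, sender domain, link targets."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    from_domain = msg["From"].addresses[0].domain.lower()
    auth, hosts = auth_results(msg), link_hosts(msg)
    in_scope = lambda h: h == EXPECTED_LINK_DOMAIN or h.endswith("." + EXPECTED_LINK_DOMAIN)
    return {
        "from_domain": from_domain,
        "auth": auth,
        "all_auth_pass": all(auth.get(m) == "pass" for m in ("spf", "dkim", "dmarc")),
        "sender_expected": from_domain in EXPECTED_SENDER_DOMAINS,
        "links_ok": bool(hosts) and all(in_scope(h) for h in hosts),
    }
```

Trust only the Authentication-Results header stamped by your own provider (the authserv-id, mx.example.net in the sample); any such header that arrived with the message was written by the sender.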