Henry, Isabella and Luke Didn`t Comment on Your Facebook Photo! They`re Scammers

A wave of e-mails disguised as Facebook messages alleging that “Henry,” “Isabella” and “Luke” commented on your photo is the latest in a line of spam and scams to prey on Facebook fans.

The spam e-mails seek to pique users` curiosity only to redirect them to malicious and phishing websites that could steal their identity, their money and install malware on their computers.

The Bitdefender Labs caught the new spam wave that takes advantage of the social network`s popularity and users` gullibility to lead them to several compromised websites hosted on the top-rated “.com” domain or on Denmark`s “.dk”.

The messages use Facebook`s logo and e-mail format to lure users to malicious domains, which have hosted badware at some point.

Here are a few simple tips to steer you clear of all sorts of e-trouble and keep your computer clean:

• Delete e-mails such as “X commented on your photo” if they aren`t addressed to you personally, and don`t come from your friends. This type of e-mail may bypass the e-mail services` antispam filter, so it`s good to have an updated antivirus installed.
• If you did open the message, hover the cursor over the hyperlinked text. If it doesn`t lead to the official www.facebook.com website, it`s a scam.
• Avoid clicking on links in e-mail messages in general. Type the URL of the website directly in the browser and log into your account when you see the “https” sign in place.
• Be cautious when bypassing security warnings from your operating system and browser. Some websites may install applications that will harm your computer.
• Install a social media security tool such as Safego. It`s free, easy to install, and will protect you and your friends from the latest online dangers both on Facebook and on Twitter.

All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.

This article is based on the technical information provided courtesy of Daniel Ichim, Bitdefender Spam Researcher.