Facebook has taken the unusual step of sending its users email asking them to click on a link so they can restore site configuration settings that were recently lost.
The Email is something like that:
“Unfortunately, the settings that control which email notifications get sent to you were lost,” the email says. “We’re sorry for the inconvenience. To reset your email notification settings, go to http://www.facebook.com/editaccount.php?notifications.”
The wording sounds like so many phishing emails we’ve all received over the years. Except it’s not, and that’s unfortunate because it threatens to desensitize newbies to the ever-present dangers of phishing attacks.
The move, because it flies in the face of everything security experts advise against, took some Facebook users by surprise. “I’m amazed to see a large organization like that sending something that looks so obviously evil,” wrote Reg reader Kevin Lentin, who first brought our attention to the emails. “It would have been better to send an email saying ‘please go to our website and login.'”
That’s because Facebook is one bigger targets of phishers. With all the spammers eager to trick users into clicking on dodgy links, you’d think Facebook’s security team would bend over backwards to educate their users to steer clear of them in emails, no matter where they appear to come from.