Subject: Joe Unknown tagged a photo of you on FacebookSecurity vendor Sophos advise Facebook users to check the spelling in the email, with a misspelled word as a key giveaway.
From: Facebook <firstname.lastname@example.org>
"If you click on the link in the email, you are not taken immediately to the real Facebook website. Instead, your browser is taken to a website hosting some malicious iFrame script (which takes advantage of the Blackhole exploit kit, and puts your computer at risk of infection by malware)," it said in a blog post.
"Did you notice what was odd about the email? The 'from' address misspells Facebook as 'Faceboook' with three 'o's," it said.
"Even if you didn't notice that 'Faceboook' was spelt incorrectly, you could have seen by hovering your mouse over the link that it wasn't going to take you directly to the genuine Facebook website," it added. ☺