Home » Malware » Warning: Facebook “Deactivation” Spam Email Leads To Malware

Warning: Facebook “Deactivation” Spam Email Leads To Malware

  • Pin It
  • Pin It

The AVG Web Threat Research Group has uncovered a spam email currently in circulation, claiming to be from Facebook, advising that the recipient’s Facebook account has been “deactivated”.

The email is NOT legitimate, and encourages users to click on included links, which lead to a malicious site loaded with the Blackhole Exploit Kit (a nasty threat that is very sophisticated and powerful, and can distribute Trojans and other forms of malware through the visiting computer).

A screen shot of the message has been included below:

Facebook "Deactivation" Spam Email

The odd phrasing used in the email is a dead give-away: “You will then be able to exploit the site as before”. We don’t think the average user thinks they are “exploiting” Facebook when accessing the site!

Here’s what appears when any of the links are clicked in the message; a familiar indication of Blackhole:

Facebook "Deactivation" Spam Email - Link

Naturally, we suggest simply deleting any email message you receive that appears to be suspicious. And if you do accidentally open one, never click on any of the links included, as these will more than likely lead to malware (as in this case) or a survey scam that will fill the pockets of a cybercriminal once completed.

Of course, the best line of defence against spam email is an active anti-spam solution, such as the one included in AVG Internet Security. These will often prevent you from seeing such messages in the first place!


If you’ve come across this message, or any other spam email of late, we’d love to hear about it! Submit a comment below, or post the details on our Facebook wall, to warn the rest of our community. 


Until next time, stay safe out there!


  • Rodneytucker48

    I deactivated Facebook about a month ago and I received an email that looked just like that example and I just deleted it. Would Facebook send that type of email

    • http://www.avg.com.au avgaunz

      Hi Rodney, naturally if you deleted your Facebook account, you can be sure that any email claiming to be from Facebook regarding activity on the site is spam. 

      However, Facebook do send notifications to users that are in the same layout as the message above. It is the small, suspicious things you need to look out for – like in this example, “exploit the site” just didn’t sound right. Additionally, it is always a good idea to look at the email address the notification comes from. You’ll see here that the message was from “facebookmail.com” rather than “facebook.com”. 

      If you’re ever unsure about an email, we suggest contacting the sender separately to ask whether it is the real deal. 

      Hope this helps!  

  • Lonytzapu

    I appreciate so much your care & detailed explainations of the new danger.


  • Disey

    Thanks for the update, glad you are there supporting us!

  • Sixtiechick

    Thank you for keeping updated to the possible threats that are coming thru …. your company’s service is invaluable…

    • http://www.avg.com.au avgaunz

      Thanks so much :) That means a lot! Glad you found the post helpful too! 

Is this worth sharing?
If you think this information would help keep others safe online, please share: