Sooner or later it was inevitable. I’ve started seeing fishing emails posing as Facebook communications. Simply “click” to update your password.
After that, they use a Bot to get into your account, and push out spam messages to all those that follow you, friends, family etc.
As always, no matter how legitamate looking an email is, assume it is a phishing expedition. Most email programs and sites have a way to check the links. In Microsoft Outlook, simply hover over the linke (The underlined “here” above) and you’ll see the full link. Most scammers will put the legitimate name within the domain such as http://facebook.com.slkjsdf.eu in hopes that somebody will see the facebook and not realize the only thing that really matters is the characters before the final period in the URL. In this case, slkjsdf which is, obviously, not facebook.