On Wednesday morning, I awoke to find a curious email in my inbox. It was an email from Facebook with a security code and link prompting me to reset my password. Hmm… I didn’t request a password reset. Furthermore, the email came in at 10:41 PM. I was sound asleep at that time. (Early to bed…)
My first instinct led me to believe that this was a phishing email. But when I checked the reply address and hovered over the link, it seemed that this could be a legitimate message. Still I didn’t follow the link…
If this was indeed a legitimate message, it likely meant that someone was poking around and trying to gain access to my account. I went directly to Facebook to make sure I could still log in with my current password. Whew! It hadn’t been changed and I could still access me account.
Facebook has MANY tools to help you monitor and decipher your account activity. Unfortunately, these tools are buried in long lists and menus. Here’s what you can do to determine if that email was really from Facebook.
As a precaution, I changed my Facebook password and confirmed that two-step authentication was still enabled.
The story doesn’t end there. Since the email was sent to my Yahoo email account, if a bad actor had gained access to my email, they would have easily been able reset my password and compromise my account. So I reset my Yahoo password as well, making sure not to re-use an old password or one that I use with other accounts.
The moral of the story… It’s a good idea to keep an eye on your FB activity and follow up on anything that seems suspicious or out of the ordinary. Stay safe Facebookers!
