Home Facebook Related Overblown Facebook Warning – ‘Do Not Open Any PMs From Anyone!’

Overblown Facebook Warning – ‘Do Not Open Any PMs From Anyone!’

by Brett M. Christensen


Message posted on Facebook warns users not to open any private messages from anyone because the PMs may contain ‘malicious malware’. The message claims that just opening the PM will infect the user’s computer.

Brief Analysis

The message is greatly overblown and contains misleading information. Your computer cannot get infected with malware solely by opening a private Facebook message. People should certainly use caution when following links in private messages. But, this message is not a valid warning about PM related security threats and reposting it will help nobody. The claim that users should never open any PMs from anyone is just plain silly.


DO NOT OPEN ANY PMS FROM ANYONE!!!! Malicious malware being delivered by private messages, it will say it came from a friend, and JUST OPENING THE PM will bomb you, even if you don’t click on or open the file!!! REPEAT: DO NOT OPEN ANY PMS, run your malware scan and I advise downloading the Facebook malware app to secure your account!!!!!!!!!!


Detailed Analysis

According to this rather breathless message, which is currently circulating on Facebook, users should not open any private messages from anybody at all because they contain ‘malicious malware’. 
The warning, peppered with redundant exclamation marks for added impact, claims that the simple act of opening one of the infected private messages will immediately infect the user’s computer with the malware. The message advises users to run a malware scanner and download the ‘Facebook malware app’ to secure their Facebook accounts.

While its author may have been well-intentioned, this message is too overblown and inaccurate to have any validity as a warning and sending it on will do nothing to help keep Facebook users safe from security threats.

Despite the claim in the message, your computer cannot be infected with malware just by opening a Facebook private message. Certainly, private messages may contain links to websites that harbour malware. Or links in the PM could point to rogue apps, malicious browser plugins, or phishing sites. And the sender could add a potentially malicious file to the PM and try to trick the recipient into downloading it.

But, the simple act of opening the PM itself is not going to ‘bomb’ your computer with malware as claimed. Some sort of action on the part of the recipient – such as clicking a link or opening a file – would be required before any malware was installed.

Moreover, the suggestion that users should not open ANY private messages from anybody at all is overkill at its very best. Vast numbers of completely benign private messages are exchanged between Facebook users every day. Many users rely on the private message system to communicate with family, friends and co-workers. The claim that people should stop using the PM system altogether in response to a vague and misleading malware warning is just plain silly. The same advice could apply to email and the Internet in general. We could simply shut down our computers, smartphones, tablets and other Internet-connected devices and never use them again. That would certainly protect us from all manner of cybersecurity threats once and for all. But, that is obviously not a viable option, and we must employ more sensible approaches to security issues.

Let’s be clear here. People should certainly use due caution when opening private messages, just as they should with any other type of digital communication. Such messages could indeed point people to malware or scams. And, if a user’s account has been compromised, criminals may send out fraudulent private messages in their victim’s name.

But sending on the warning message is not an effective method of alerting users to potential threats that may be distributed via private messages.

It is unclear what ‘Facebook malware app’ that the warning is referencing. It perhaps means Facebook’s Malware Checkpoint facility, which offers users access to security software. But, yes, users would do well to install a reliable anti-malware scanner and run it on a regular basis. That suggestion in the message is worth heeding.  

Importance Notice

After considerable thought and with an ache in my heart, I have decided that the time has come to close down the Hoax-Slayer website.

These days, the site does not generate enough revenue to cover expenses, and I do not have the financial resources to sustain it going forward.

Moreover, I now work long hours in a full-time and physically taxing job, so maintaining and managing the website and publishing new material has become difficult for me.

And finally, after 18 years of writing about scams and hoaxes, I feel that it is time for me to take my fingers off the keyboard and focus on other projects and pastimes.

When I first started Hoax-Slayer, I never dreamed that I would still be working on the project all these years later or that it would become such an important part of my life. It's been a fantastic and engaging experience and one that I will always treasure.

I hope that my work over the years has helped to make the Internet a little safer and thwarted the activities of at least a few scammers and malicious pranksters.

A Big Thank You

I would also like to thank all of those wonderful people who have supported the project by sharing information from the site, contributing examples of scams and hoaxes, offering suggestions, donating funds, or helping behind the scenes.

I would especially like to thank David White for his tireless contribution to the Hoax-Slayer Facebook Page over many years. David's support has been invaluable, and I can not thank him enough.

Closing Date

Hoax-Slayer will still be around for a few weeks while I wind things down. The site will go offline on May 31, 2021. While I will not be publishing any new posts, you can still access existing material on the site until the date of closure.

Thank you, one and all!

Brett Christensen,