Yesterday I had a spam email (nothing new there) purporting to be from a friend (nothing new there either).
It was only when I thought about it more carefully that I realised it was unusual, because it wasn't the friend's email address! It was her Facebook name, that she ONLY uses on FB, and further is not her real name!
So, my concern now is how did the spammers/scammers (email contains only a link I did not visit, which probably downloads malware) not only obtain my email address, but know the name of a FB buddy to "spoof"?
The Facebook name is not something common like: "Jane Smith", so that it might be coincidence. It's quite distinctive and unusual.
My FB account is as locked-down as it's possible to be, short of being visible to me only - i.e. only friends can see my email address, only friends can see my other friends, and I only have a dozen FB friends total - all of whom I know personally, as I never accept invitations from strangers.
I understand how scammers can and do have my email address without there necessarily being any security breach at my end, as they may either be bulk spamming huge numbers of permutations, the computer of someone who has me in the address book may have been compromised, or (increasingly) some crazy namesake who doesn't seem to know her own email address has been signing me up to stuff.
All of which are annoying, without being worrying.
But somebody having my email address AND the name of a FB buddy is more concerning, as FB itself is the only place these two things are explicitly associated.
Googling suggests there could have been a FB security breach in about 2012 or 2013 that briefly allowed 'unauthorised' people to see users' emails and friends lists.
However, although any such information gleaned at the time could still be out there 2016 seems a bit of a long time lapse before I'd notice the first attempted exploit.
Any ideas? Should I be worried (for me, or for the friend)?