The "click here" link will secretly redirect victims through a number of sites and finally land them on one serving exploits for two Java Runtime Environment and a Adobe Reader and Acrobat flaw, warns Webroot.
If any of the exploits are successful, the user will be saddled with a Trojan that is currently detected by only 3 out of the 46 AV solutions used by VirusTotal.
If you receive an email like this one and are not sure whether it's legitimate or not, contact Facebook and ask them whether they have sent it before even thinking of clicking on the offered link.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.