Today I received the email below, with the subject "Confirm your ownership of myemail@gmail.com", asking me to claim my Facebook email address. At first it seemed like a phishing email, but on closer inspection of the links and sender headers it turned out to be a genuine email with correct links and the real Facebook as sender. I was pretty sure there was something fishy, and on researching the target link https://www.facebook.com/claim_email/check_code?email=myemail%40gmail.co... I discovered a recent working exploit for Facebook, which only became public on June 14, 2013 and was used by someone to try to hack my Facebook account. This noob-friendly hack exploits a critical vulnerability in Facebook that allows a hacker to easily take complete control of any Facebook account if the victim clicks the link while logged into Facebook.