If you received an email from firstname.lastname@example.org, it can be hard to tell if it is real or fake, legitimate or suspicious.
While Facebook help does say that they send email notifications from Facebookmail.com, an email with that domain in the From address isn’t necessarily real. Just as you can write 1600 Pennsylvania Avenue, Washington DC, as the return address on a paper envelope, bad people put a false From address on emails to impersonate (or spoof, in technical terminology) a sender.
One email I had received in several of my inboxes had this content:
Subject: DJ, get back on Facebook with one click
It looks like you’re having trouble logging into Facebook. Just click the button below and we’ll log you in.
This looked suspicious to me, because it made it too easy to click. Someone from the Facebook Help Team had also said this kind of email looked suspicious. But it’s hard to tell definitively if Facebook actually generates an email like this. Here’s a safety tip: never click on a button or link in an email!
To verify what a real Facebook email looks like, I went to facebook.com in a new private (incognito) window and clicked on the “Forgot account?” link. I filled in the form with my email address, and then I received an email that looks like this:
And wouldn’t you know it, the URL for the “let us know” link is https://www.facebook.com/login/recover/disavow_reset_email.php?n=26267&i=www&id=501181234 and the Change Password button link goes to https://www.facebook.com/recover/code?u=501181234&n=26267&exp_locale=en_US&s=23.
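The same link check can be done without clicking anything, by reading the saved message and listing where each link really points. This is an added example, not part of the original post; the sample message, its sender address and the `.example` host are constructed, and the two domain constants are assumptions taken from the text above.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED_LINK_DOMAIN = "facebook.com"       # assumption: where the real email's links pointed
EXPECTED_FROM_DOMAIN = "facebookmail.com"  # assumption: sender domain named by Facebook help

class LinkCollector(HTMLParser):
    """Collect every href found on <a> tags in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.links += [v for k, v in attrs if k == "href" and v]

def host_is_trusted(url, domain=TRUSTED_LINK_DOMAIN):
    # Compare the parsed hostname, never a substring of the whole URL.
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    return parts.scheme == "https" and (host == domain or host.endswith("." + domain))

def audit_email(raw):
    msg = message_from_string(raw)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    collector = LinkCollector()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            body = part.get_payload(decode=True)
            collector.feed(body.decode(part.get_content_charset() or "utf-8", "replace"))
    return {
        # A matching From domain proves nothing by itself: the header can be spoofed.
        "from_matches": from_domain == EXPECTED_FROM_DOMAIN,
        "untrusted_links": [u for u in collector.links if not host_is_trusted(u)],
    }

# Constructed sample message (not a real Facebook email).
SAMPLE = """From: Facebook <security@facebookmail.com>
Subject: DJ, get back on Facebook with one click
MIME-Version: 1.0
Content-Type: text/html; charset=utf-8

<a href="https://www.facebook.com/recover/code?u=501181234">Change Password</a>
<a href="https://www.facebook.com.login-help.example/recover">Log In</a>
<a href="http://www.facebook.com/login">Log In</a>
"""
```

Any entry in `untrusted_links` is a reason to treat the message as suspicious, whatever the From line says.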
Conclusion: it’s hard to tell. But when you’ve initiated the forgot account command to reset your password, and you receive a security email at that time, it’s very likely a legitimate email that you generated.
But if security emails are coming to you at a random time when you know you weren’t trying to access your account, then something suspicious may well be happening. The best response is to not respond and do nothing.
For additional help, here are the official Facebook answers:
- I got an email saying I requested a new password but I didn’t make this request.
- If you received a suspicious email, please forward it to email@example.com