BBB Scam Alert: Facebook phishing scam scares page owners into sharing their password

The latest social media scam is yet another phishing scheme designed to scare Facebook users into sharing their login credentials. Here’s how you can spot the scam and protect your account from hackers.

How this scam works

You receive an email that appears to come from Facebook and says something like this: “Recently, we discovered a breach of our Facebook Community Standards on your page. Your page has been disabled for violating Facebook Terms. If you believe the decision is incorrect, you can request a review and file an appeal at the link below.” The message may also state that if you don’t act in the next 24 hours, Facebook will delete your account permanently.

The email includes a link that appears to lead to Facebook.com. Because you want to keep your account, you may think about clicking – however, you must stay calm and take a closer look. On closer inspection, you’ll likely find signs of a scam. These include typos, email sender addresses that aren’t related to Facebook, and, if you hover over the link in the email (without clicking on it), you will discover that it doesn’t point to Facebook’s website.

Another version of this Facebook phishing scam targets Facebook business pages with a threat to deactivate the account due to a Terms of Service or Community Standard violation. The message appears to come from Meta Business Support and requires the administrator to confirm the account by clicking a link, or it will be permanently deleted.

If you click the link, you’ll likely be taken to an official-looking page and prompted to complete a form to appeal the policy violation. You’ll be asked for your login email, phone number, name, and other details. The page will ask you to confirm your password when you hit submit. If you do, scammers will have all the information they need to hack your account.

How to avoid similar scams 

  • Don’t panic. Always read suspicious emails carefully, looking for signs of a scam, before you act. Remember that scammers love to target social media accounts, so fake alerts aren’t uncommon.
  • Verify the claims. Log into your Facebook account directly to verify there is a problem before deciding how to proceed.
  • Always log into your account directly. Even if you think an alert is authentic, use your social media app to log in or enter the URL in the browser bar by typing it, not by clicking on a link sent to you.
  • Guard your login credentials carefully. Never enter your login information on a third-party website or a page other than the official Facebook website. Never send your login information to someone via email or Facebook Messenger. If you entered your login credentials into a fake form, change your password immediately.
Spread the love