Straight Talk: Don't fall for Facebook scam that targets passwords

Better Business Bureau
·3 min read
1
BBB logo
BBB logo

The latest social media scam is yet another phishing scheme designed to scare Facebook users into sharing their login credentials. Here’s how you can spot the scam and protect your account from hackers.

How the scam works

You receive an email that appears to come from Facebook, saying something like this: “Recently, we discovered a breach of our Facebook Community Standards on your page. Your page has been disabled for violating Facebook Terms. If you believe the decision is incorrect, you can request a review and file an appeal at the link below.” The message may also state that if you do not act in the next 24 hours, Facebook will delete your account permanently. The email includes a link that appears to lead to Facebook.com. Because you want to keep your account, you may think about clicking – however, upon closer inspection, you will likely find signs of a scam. These include typos, email sender addresses that are not related to Facebook, and, if you hover over the link in the email (without clicking on it), you will discover that it does not direct to Facebook’s website.

Another version of this Facebook phishing scam targets Facebook business pages with a threat to deactivate the account due to a Terms of Service or Community Standard violation. The message appears to come from Meta Business Support and requires the administrator to confirm the account by clicking a link, or it will be permanently deleted. In both cases, clicking the link will take you to an official-looking page and prompt you to complete a form to appeal the policy violation. You will be asked for your login email, phone number, name, and other details. The page will ask you to confirm your password when you hit submit. If you do, scammers will have all the information they need to hack your account.

How to avoid Facebook phishing scams

Do not panic. Always read suspicious emails carefully and look for signs of a scam before you act. Remember that scammers love to target social media accounts, so fake alerts are not uncommon.

Verify the claims. Log into your Facebook account directly to verify there is a problem before deciding how to proceed.

Always log into your account directly. Even if you think an alert is authentic, use your social media app to log in or enter the URL in the browser bar by typing it, not by clicking on a link sent to you.

Guard your login credentials carefully. Never enter your login information on a third-party website or a page other than the official Facebook website. Never send your login information to someone via email or Facebook Messenger. If you entered your login credentials into a fake form, change your password immediately.

FOR MORE INFORMATION – Read more about social media scams and social media advice at BBB.org/socialscams. If you spot a social media scam, report it to BBB.org/ScamTracker. Your reports help us build community awareness about common scam tactics.

FOR BBB INFORMATION – Visit BBB.org or call us at 330-454-9401 to look up a business, file a complaint, write a customer review, read tips, find our events, follow us on social media, and more!

This article originally appeared on The Alliance Review: BBB warns of Facebook scam that targets users' passwords