A new scam threatens to close your Facebook account... Here are some tips

28 April, 2022
Share with a friend

A new scam threatens to close your Facebook account... Here are some tips

Facebook users are being warned of a nasty new scam that starts with an email claiming that their account is about to be closed.

Researchers at Abnormal Security have discovered a new phishing attack designed to steal passwords from Facebook users. The scam begins with the victim sending an email purportedly from the "Facebook Team" warning them that their account may be disabled soon.

This is allegedly due to the user repeatedly posting content that infringes someone else's rights.

Once the victim is intimidated into believing that her Facebook profile may soon be deleted, the recipients of the email are urged to start an appeal.

The email includes a link that goes to a Facebook post, and inside this is another link that sends users to a separate website. 

To file an Appeal, a Facebook user is required to enter sensitive information including their Facebook password.

But this is all part of a sophisticated scam to trick people into handing over their Facebook account keys. Once the hacker gets this, he can not only collect information from the victim's Facebook account (which can be useful for identity theft), but he can also prevent the user from accessing their Facebook account.

Speaking of the threat, Abnormal Security said that there is one unique thing about this phishing scam that can make it particularly effective. "What makes this attack particularly interesting (and effective) is that threat actors take advantage of Facebook's physical infrastructure to carry out the attack," the study said. "Instead of sending the target directly to a phishing site via a link in an email, they are redirected to a post real on Facebook.

Because threat actors use a valid Facebook URL in the email, it makes the landing page particularly compelling and reduces the chance of a second target guessing the legitimacy of the initial email. In addition, it appears that attackers are targeting Accounts of people who manage Facebook Pages for businesses.

For these individuals, a disabled Facebook account will not be an inconvenience; It may have an impact on marketing, branding and revenue. And if they think their account is in jeopardy, they will have a special incentive to act quickly.”

And if you've already been targeted by this scam, or you want to stay safe from any future threats, Facebook on its website offers tips for phishing targets.

The social network advises anyone who thinks they have fallen into a phishing scam to report it, change their password and make sure they sign out of any devices they don't recognize.

Facebook also recommends that users turn on multi-factor authentication, which helps add an extra level of security to your account.

Share with a friend