Have you received a Facebook chat message from what appears to be “Facebook Security” ? You may want to hold on before following its instructions, it’s probably a phishing scam.
If you’ve ever logged on to Facebook and noticed a chat message notification from “Facebook Security” (or “Facebook Security Team”) threatening to remove or disable your account for some type of violation, then you’re not alone.
But is it from Facebook?
No. No division of Facebook will ever contact you across the chat messaging feature on the site. After all, they have better ways of getting your attention.
But what is it, and how are you receiving it?
Take a look at the message below that appears to come from Facebook Security that claims the recipient will have their account disabled.
In reality this is a standard example of a phishing scam. A phishing scam is an attempt by a scammer to pretend to be someone they are not to trick a victim into sending over information about themselves which is them exploited by the scammer.
In the case of the example above, the scammer is pretending to be Facebook Security, and clicking the link in most cases will direct the recipient to a site that looks like the Facebook login page – but it isn’t. It will ask you to enter your password and username, which is then sent to the scammer.
Sponsored Content. Continued below...
In cases like the example above, if you received the message then that means the scammer has managed to access the account of someone you are friends with. Possibly by using the same type of phishing scam!
After taking control of the friends account they have changed its name to “Facebook Security” (note the odd symbols that are not the actual letters – this is because the actual words “Facebook Security” are blocked by Facebook) as well as the profile picture. With the account name and picture changed, the account may appear to be an account belonging to Facebook.
There are many versions of the “Facebook Security” phishing scam, but most will attempt to alarm the recipient of the message into clicking the provided link. Most variants will threaten the recipients Facebook account, for example claiming it will be disabled for an “account violation” or “abuse” and the account will be blocked.
These assertion are untrue, and are merely designed to alarm the recipient into following the instructions and thus compromising their own Facebook account.
Another example can be seen below.
If you get a message like this pop up, don’t worry. It doesn’t mean your account have been compromised as well, providing you didn’t click the link and follow the instructions.
It does mean a friend has had their account compromised, in which case if you can determine which friend it is – possibly by visiting the account and looking at its history – you can tell your friend who in turn can warn all of their friends to be on the lookout for suspicious communication.
You can also navigate to the account and report it, telling Facebook that the timeline is using a fake name.
Further reading…
For more information on Facebook phishing scams, as well as more variants, click here.
For more information on locking down your Facebook account for optimal security and privacy, click here.