Debunking email hoaxes and exposing Internet scams since 2003!


Issue 117 - August 2011 - Page 19

Alert From Facebook Security Team Phishing Scam


A message purporting to be from the Facebook Security Team claims that the recipient’s Facebook account may have been compromised and that he or she must follow a link to verify account details within 12 hours or risk having the account permanently suspended.

Brief Analysis
The message is a phishing scam designed to steal Facebook and webmail account login details and other personal information from recipients. Note that there are several versions of these scam messages currently being distributed. The wording of the messages may vary.

Detailed analysis and references below example.

Last updated: 30th June 2011
First published: 30th June 2011
Article written by Brett M. Christensen

Subject: Did you log into Facebook from somewhere new?

Dear [Username removed]

Your Facebook account was recently logged into from a computer, mobile device or other location you've never used before. We have reviewed your account activity, and we get information about possible unauthorized access to your Facebook. We have provided a warning to you via email, but you do not respond to our notification.

“Your account was accessed from a new location : Anonymous Proxy.”

If you are not signing into your Facebook account from "Anonymous Proxy", your Facebook account may have been compromised. We recommend immediately verify your account by carefully on the link below to protect your Facebook account. It may take a few minutes of your time to complete your data.

Please be sure to visit the Facebook Service Account for further information regarding these security issues.
[link to scam page removed]
Note : If within 12 hours, you have not verified your account, then you have ignored our notifications. Therefore, your account is permanently suspended, and will not be reactivated for any reason.

Facebook Security Team

Detailed Analysis
This message, which purports to be from the “Facebook Security Team”, warns the recipient that his or her Facebook account may have been compromised. According to the message, the account was recently logged into from a computer, mobile device or other location that the user has not previously used, and the account was therefore flagged because of possible unauthorized access. The message urges the recipient to click a link in order to verify the account. It also bluntly warns that, if the verification is not completed within 12 hours, the recipient’s Facebook account will be “permanently suspended, and will not be reactivated for any reason”.

However, the message is certainly not an official Facebook security notification. Instead, it is a phishing scam designed to steal personal information from users. Users who fall for the ruse and click the link in the message will be taken to a bogus Facebook page where they are asked to enter their Facebook login details along with other personal information, as shown in the following screenshot:

[Screenshot: Facebook Security Team Scam 1]

Once they have entered the requested information, they are then presented with a second fake form that asks them to provide their webmail login details:

[Screenshot: Facebook Security Team Scam 2]

Finally, users are presented with yet another page that informs them that the verification process is complete:

[Screenshot: Facebook Security Team Scam 3]

In reality, all of the information entered into the bogus forms can be collected by Internet criminals. Armed with this information, the scammers are able to hijack both the Facebook account and the webmail account used by their victim and use these hijacked accounts to conduct further fraudulent activities. They may also be able to use other private information collected on the bogus forms along with information stolen from within the hijacked accounts to steal their victim’s identity and commit credit card fraud.

Be very cautious of any message that asks you to follow a link to verify account information, even if it looks like a genuine Facebook message and the link leads to a page that looks like the genuine Facebook website. Always log in to your Facebook account directly via your web browser rather than by following a link in an email.

Note also that there are several versions of these scam messages currently being distributed. The actual wording of the messages may vary somewhat from the example shown above.
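For mail administrators, the traits described above can be checked mechanically. The following is an added example, not part of the original article: it flags a message that claims to be from Facebook while its sender or links sit on another domain, and that pairs a deadline with a suspension threat. The sender address, link host and trusted-domain list are assumptions, since the article removed the real link.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

# Assumption: domains the real service uses for its site and its mail.
TRUSTED = ("facebook.com", "facebookmail.com")
URL_RE = re.compile(r"https?://[^\s<>)]+", re.I)
DEADLINE_RE = re.compile(r"within\s+\d+\s+(hours?|days?)", re.I)
THREAT_RE = re.compile(r"suspended|deactivated|disabled", re.I)

# Constructed sample: wording follows the scam text above; the sender
# address and link are placeholders on reserved .example names.
SAMPLE = """From: Facebook Security Team <security@notice.example>
Subject: Did you log into Facebook from somewhere new?

Please be sure to visit the Facebook Service Account for further information.
http://facebook.com.account-check.example/verify
Note : If within 12 hours, you have not verified your account, then you have
ignored our notifications. Therefore, your account is permanently suspended.
"""

def on_trusted_domain(host):
    """True only for a trusted domain or a subdomain of one."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in TRUSTED)

def analyze_message(raw):
    msg = message_from_string(raw)
    # Plain-text parts only; transfer-encoded bodies are not decoded here.
    body = "".join(p.get_payload() for p in msg.walk() if not p.is_multipart())
    display, addr = parseaddr(msg.get("From", ""))
    text = " ".join([display, msg.get("Subject", ""), body]).lower()
    claims_brand = "facebook" in text
    links = URL_RE.findall(body)
    off_domain = [u for u in links if not on_trusted_domain(urlsplit(u).hostname)]
    findings = []
    if claims_brand and not on_trusted_domain(addr.rpartition("@")[2]):
        findings.append("sender-domain-mismatch")
    if claims_brand and off_domain:
        findings.append("off-domain-link")  # includes lookalike hosts
    if DEADLINE_RE.search(body) and THREAT_RE.search(body):
        findings.append("deadline-plus-suspension-threat")
    return {"findings": findings, "off_domain_links": off_domain}

if __name__ == "__main__":
    print(analyze_message(SAMPLE))
```

The suffix match is what catches a host that merely begins with the brand's domain, such as the constructed one in the sample.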
