Issue 121 - December 2011 - Page 4
Facebook Account Reported Phishing Scam
Message purporting to be from Facebook claims that the recipient's Facebook account has been reported for annoying or insulting other users and will be disabled if he or she does not confirm account details within 24 hours.
The message is not from Facebook. It is a phishing scam designed to steal the user's Facebook and webmail login details as well as credit card numbers and other personal details. If you receive this message, do not click any links that it contains.
Detailed analysis and references below example.
Last updated: 23rd November 2011
First published: 23rd November 2011
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer
LAST WARNING : Your account is reported to have violated the policies that are considered annoying or insulting Facebook users. Until we system will disable your account within 24 hours if you do not do the reconfirmation.
Please confirm your account below:
The Facebook Team
Copyright facebook © 2011 Inc. All rights reserved.
Many Facebook users are currently receiving messages like the example shown above. The messages claim that the user's Facebook account has been reported for policy violations, specifically, annoying or insulting other Facebook users. The user is instructed to follow a link in the message in order to carry out an account "reconfirmation". According to the message, which purports to be from "The Facebook Team", the user's account will be disabled if he or she does not confirm the account within 24 hours.
However, the message is certainly not from Facebook and the claim that the user's account has been reported is untrue. In fact, the message is a phishing scam designed to trick users into divulging their personal and financial information to Internet criminals. Those who fall for the ruse and click the link will be first taken to a fake Facebook "Account Disabled" web form that asks them to provide Facebook login details and part of their credit card number. The bogus form is shown in the screenshot below:
Once the victim has completed this bogus form, he or she is then taken to a second fake form that asks for webmail login details:
Once the requested Webmail details are provided, the user is taken to a third bogus form that asks for a username and - again - the first 6 digits of the user's credit card number:
All of the information provided on the bogus forms can be collected by the criminals operating the scam. Once armed with this information, the scammers can hijack the user's real Facebook account and, posing as the account holder, send more scam messages to the victim's Facebook friends. They can similarly hijack the victim's webmail account and use it to send further scam and spam messages. Once they have hijacked these accounts, the scammers are likely to lock their victims out by changing account passwords and email addresses.
They may also use the stolen credit card information to delve further
into their victim's financial information with a view to conducting more fraudulent activities and identity theft.
There have been several variations of this scam over recent months. While the back stories used by the scammers may vary considerably, all are intended to trick users into supplying account login details and other personal and financial information to cybercriminals. Another recent version, which purports to be an alert from Facebook Security
, claims that the recipientís Facebook account may have been compromised and that he or she must follow a link to verify account details within 12 hours or risk having the account permanently suspended.
Users should be very cautious of any message that asks them to follow a link to verify account information even if it looks like a genuine Facebook message and the link leads to a page that looks like the genuine Facebook website. Always login to your Facebook account directly via your web browser rather than by following a link in an email or chat message. Such scams can often be identified by examining the link in the messages. The links are not genuine Facebook web addresses. The scams are often characterized by poor or unusual grammar and spelling.
BIN - Bank Identification Number
Alert From Facebook Security Team Phishing Scam
Pages in this month's issue:
- Bogus Warning - Scammers Asking for Baby Details to Claim Benefits in Your Children's Names
- False Claim - Cardiff City Football Club Refused to Donate Club Shirt for Fallen Soldier's Coffin
- Summer Chain Email - Blond Hair And Blood Shot Eyes
- Facebook Account Reported Phishing Scam
- Christmas Tree App Virus Hoax
- Sears Supports Reservist Employees Email Forward
- False Claim - Colour Photographs of Hitler Taken by American Life Photographer
- Budweiser Frogs Virus Hoax
- Phone Text Message Lottery Scams
- Skype TopUp Payment PayPal Phishing Scam
- Hoax - Mark Zuckerberg Blames Facebook Porn Attack on the Philippines
- 'DGTFX Virus' Email Account Phishing Scam
- Recent Facebook Porn Attack Highlights Dangers of Misleading 'Security' Warnings
- False - Send Christmas Cards for Recovering Soldiers to Queen Elizabeth Hospital
- Christmas Cards for Recovering American Soldiers
- Starbucks Coffee Free Gift Card Survey Scam
- Facebook 'Virus' Warning - 'Nobody can watch this for more than 15 seconds' Video
- Advance Fee Scam - British National Lottery Promo Programme
- Live Ants In The Brain Hoax
- Hoax - Albany Bread Poisoned by Staff
- PayPal 'Verify to Resolve Account Limitations' Phishing Scam
- Red Bull Car Adverts Money Laundering Scam
- Hoax - Facebook Shutting Down on March 15
- False Warning - Red Dot Inside a Red Square On Chocolate Bars Indicates That Product Contains A Pork Derivative
- IT Service Desk 'Scheduled Maintenance & Upgrade' Phishing Scam
- Abandoned Two Week Old Sydney Baby Prayer Request
- Protest Message - Prison Sentence for Spray Painting Poppy on Mosque
- Protest Message - Dog Named 'Parrot' Shot by Police
- Inaccurate Protest Message - Poundland and Bodyshop Banning Staff From Wearing Poppies
- Apple Store Account Phishing Scam