Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









Issue 153 - May, 2013 (1st Edition) - Page 2

Facebook 'Account May Not Be Authentic' Phishing Scam

Issue 153 Start Menu

Previous Article            Next Article

Outline
Message purporting to be from Facebook claims that the recipient's Facebook account is to be blocked because the account may not be authentic. The recipient is instructed to click a link to reconfirm the account within 24 hours and is warned that failing to reconfirm will result in permanent removal of the account.

Facebook Phishing Scam

© Depositphotos.com/Karol Kozlowski



Brief Analysis
The message is not from Facebook and the user does not need to reconfirm the account as claimed. The message is a phishing scam designed to steal Facebook login details and personal and financial information. If you receive one of these messages, do not click on any links that it contains.

Bookmark and Share

Example
Message Facebook

Notice Blocking Facebook Account
We have received feedback that your account may not be authentic. Facebook is a community where people share and interact using real identity.
Please reconfirm your facebook account below:

Click here [Link Removed]

attention:

All accounts that are not verified within 24 hours will be removed from our database and the user will not be able to use it again.
Thank you for your attention.

Facebook © 2013 Copyright Network Inc.

Facebook Blocked Account Scam


Detailed Analysis
This message, which purports to be from Facebook, claims that the user's Facebook account will be blocked unless he or she clicks a link and reconfirms account details. According to the message, the account blocking is because of reports that the account may not be authentic. The user is further warned that, if he or she fails to reconfirm within 24 hours, the account will be removed from the network's database.

However, the message is certainly not from Facebook. Nor is the user required to reconfirm the account to avoid blocking. In fact, the message is a phishing scam designed to trick Facebook users into handing over their account login details as well as their personal and financial information.



Those who fall for the ruse and click the link will first be taken to a bogus Facebook login page as shown in the following screenshot:

Fake Facebook Login PAge

After submitting the Facebook login details, victims will then be taken to another bogus form that asks for their email address and email password along with other account related information:

Facebook Email Account Scam Form

Next, victims will be taken to yet another bogus page that requests their credit card details:

Bogus Credit Card Info Facebook Form

After users click "confirm" on the final form, they will be automatically redirected to the genuine Facebook website. Alas, all of the information they have submitted will be collected by Internet criminals. Armed with this stolen data, the criminals can hijack the compromised Facebook and webmail accounts and use them to initiate further scam campaigns. They are likely to lock the legitimate users out of their accounts. The criminals can also use the stolen information to commit credit card fraud and identity theft.

This type of phishing scam is common and continues to find new victims every day. Similar scam emails - many of which falsely claim to be from "Facebook Security" - have been regularly distributed to Facebook users for several years. The scam messages are often characterized by poor or unusual spelling and grammar. They also tend to feature strange formating of keywords such as "Facebook", apparently in an effort to confuse spam and scam filters.

Be wary of any message purporting to be from Facebook that claims that you must follow a link to verify your account. Always login to your Facebook account by entering the address in to your browser's address ba rather than by clicking a link in an unsolicited email.

Bookmark and Share

Last updated: April 24, 2013
First published: April 24, 2013
By Brett M. Christensen
About Hoax-Slayer

References
Alert From Facebook Security Team Phishing Scam
Facebook Team Security 2013 Phishing Scam - 'Last Warning - Your Account Will Be Disabled'



Previous Article            Next Article

Issue 153 Start Menu

Pages in this issue:
  1. Golden Zebra Photograph
  2. Facebook 'Account May Not Be Authentic' Phishing Scam
  3. Tick Removal Advice - Liquid Soap Technique
  4. Craigslist Overpayment Scam Warning Message
  5. Telstra Bill Account Update Phishing Scam
  6. Fake Cover-More Insurance Emails Carry Malware
  7. Circulating Picture Falsely Claims to Show Eight Year Old Boston Bombing Victim
  8. Madeleine McCann New Zealand Lookalike Facebook Post
  9. Facebook Page Hacker Warning Message - "Visit The New Facebook" Links
  10. Hoax - Facebook Shutting Down on May 15, 2013
  11. 'Personal Assistant' Money Laundering Scam

New on Hoax-Slayer: