Facebook Account Locked Due to Malware Warning
Message circulating on Facebook warns users not to click on a popup window advising that their Facebook account has been temporarily locked because malware has been detected on their computer. According to the message, clicking "continue" on the popup will install a virus that will wipe out the user's computer.
© Depositphotos.com/ panama555
The claims in the warning are untrue. In fact, the popup message is a legitimate Facebook feature designed to help users rid their computers of malicious software. Clicking the "Continue" button will take the user to a process that includes downloading and running a malware scanner. The feature is part of Facebook's "Malware Checkpoint" system. Sending on this misleading message is counterproductive and will help nobody.
Identity theft is one of the fastest growing crimes in the world. Learn how to stay safe online with Hoax-Slayer's comprehensive eBook:
WARNING TO EVERYONE: If you see something like this pop up on your screen, DO NOT CLICK CONTINUE!!! It is a virus, and it will WIPE OUT your computer!!!!
Text of popup message:
Your account is temporarily locked
Your account has been temporarily locked because we have detected malicious software on your computer. Malware is malicious software that tries to access your personal information, slows your connection, and could cause other problems when you use Facebook. Your computer can become infected with malware when you click or share spammy links.
To get help removing the malware, click Continue. Once the malware is removed, you can log in to your account.
The warning includes a screenshot depicting the popup window.
However, the the claims in warning are untrue. The popup window is a legitimate Facebook feature designed to help users rid their computers of malicious software. If the popup window appears on the user's screen when he or she tries to access Facebook, it means that Facebook's security system has detected a possible malware infection on the user's computer and has consequently locked the account until the malware has been removed.
Clicking the "Continue"
button will lead the user through an account recovery process that includes downloading and running an anti-virus scanner designed to find and remove malware. This system has been operating on Facebook for several years. A July 2012 Computer World article on the issue explains:
Facebook already uses internal scanners to detect spam and malicious messages that might have been sent from user accounts hijacked by malware.
And Facebook provides information about the process in its help files, noting:
When found, such accounts are temporarily locked down and their owners are asked to go through a multi-step account recovery process that involves downloading and running a malware scanner called McAfee Scan and Repair.
When I log in to Facebook, I see a message telling me I have a virus and need to scan my computer with anti-virus software.
In 2012, Facebook extended this "Malware Checkpoint" functionality to allow users to download and run selected anti-malware products before they received the above "account locked" message. In an announcement about the feature, Facebook noted:
You're seeing this message because our systems detected spam or other malicious content posted by your Facebook account. This activity suggests your computer might be infected with malware. In order to keep both your account and the files on your computer secure, your computer needs to be scanned and cleaned. Since we partner with anti-virus vendors like McAfee and Microsoft, you can do this for free by logging into Facebook and following the on-screen directions.
Previously, if you suspected you may have malware installed on your device, you would either need to run anti-virus on your device or wait until Facebook identified an actionable threat. Now, with our new self-enrollment malware checkpoint, you will be able to proactively obtain your choice of a free anti-virus product to scan and clean your system.
Thus, the popup is not a threat as claimed in the above bogus warning. Ironically, the system is designed to help people deal with malware that may already be on their system, so this warning is not only wrong but could actually increase the risk to users by denying them the opportunity to clean their computers. Reposting this misleading information is therefore counterproductive and will help nobody.
That said, it is perhaps understandable that users have been concerned about these popup messages, because similar claims are often made in scam emails. Some phishing scam emails may claim that a user's account will be disabled if they do not click a link or open an attached file to update account information. These scam are designed to steal account login details. And, given that some malware may cause unexpected windows to appear that try to trick users into disclosing account information, it is always wise to be cautious and check any such requests before proceeding. However, in the case of the above popup notification, which will only be displayed when users try to access their Facebook accounts, the claims are legitimate.
Of course, the best way of avoiding having your Facebook account locked for malware as described above is to ensure that you already have up-to-date anti-virus and anti-malware scanners installed on your computer. You should also make sure that your operating system, browser and other software always has the most recent security updates applied, as this will also help avoid malware infections. And, as always, caution is required when following links or opening attachments in unsolicited messages.
Last updated: May 29, 2013
First published: May 29, 2013
Research: David White, Brett Christensen
Written by Brett M. Christensen