Debunking hoaxes and exposing scams since 2003!

Hoax-Slayer Logo

PHISHING - 'Security Alert Facebook Disabled' Email


Outline

Message purporting to be from the Facebook Security team claims that, due to suspicious account activity that violates the Terms of Service, your Facebook account will be automatically disabled if you do not click a link and confirm account details within 12 hours.

Facebook phising
© Depositphotos.com/ janaka

Brief Analysis

The message is not from Facebook and the claim that your Facebook account will be disabled if you do not confirm account details is a lie. The message is a phishing scam designed to trick users into submitting their account login details and other personal information to criminals.

Example

(•SECURITY ALERT•) Your Facebook Account Disabled !! Our security sуstem detects suspicious activity on your аccount that violates the Тerms of Serviсe (TOS),

Please сonfirm your Fаcebook account immediately if you feel there has been a mistake. If you do not сonfirm, our system will automatically disable your Faсebook acсount.
Please click the link below and confirm your account: 

[Link Removed]

Note: Please confirm your account before 12 hours, or your account will be permanently disabled.
Thenks, 
The Fαcеbооk Security Team ™ 
Fαcеbооk © 2014 Cоpyгighт петwогk Iпc.


Detailed Analysis

'Facebook Security' Message Threatens Account Will Be Disabled

According to this message, which purports to be from 'Facebook Security', your Facebook account will be permanently disabled if you do not confirm account details within 12 hours.

The message claims that Facebook's security system detected suspicious activity on the account that violates the Terms of Service (TOS) and your account is therefore about to be disabled as a result.

But, claims the message, you can stop the account from being disabled by clicking a link and confirming your account information.

Message is a Phishing Scam That Tries to Steal Account Info

However, the message is certainly not from Facebook Security or anyone else at Facebook.  Instead, it is a phishing scam designed to trick you into giving your Facebook account information to criminals.

If you click on the link as instructed, you will be taken to a fake Facebook page and asked to login with your Facebook email address and password. You may also be asked to supply further personal and financial information, ostensibly as a means of proving your identity and confirming your account.

But, once the fake update process is completed, all of the information you submitted will be collected by scammers and used to hijack your Facebook account and commit financial fraud in your name.

Once they have accessed your account, the scammers will likely change the name of the account to 'Facebook Security' or a similar variation and send out a new round of the phishing scam messages to all of your friends. 

This ensures that the scam messages reach a wide and varied audience and are sure to take in at least a few recipients. And because, the scam messages come from within Facebook's own message system - via the compromised accounts - many users may believe that they are legitimate.

Fake 'Facebook Security' Messages a Common Scammer Ploy

Very similar Facebook Security phishing scam messages have targeted Facebook users for several years. Be very wary of any message that claims to be from Facebook Security or a similar name and instructs you to click a link to verify account details or update information. 

It is always safest to login to your Facebook account by entering the address into your browser's address bar or via a legitimate Facebook app rather than by clicking a link in a message.





© Depositphotos.com/alexskopje


Last updated: July 15, 2014
First published: July 15, 2014
By Brett M. Christensen
About Hoax-Slayer

References
Phishing Scams - Anti-Phishing Information
Alert From Facebook Security Team Phishing Scam
targeted Facebook users
Phishing Scam - 'Account Reported for Annoying and Insulting Facebook Users'