\ Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share





Phishing Scam - 'Account Reported for Annoying and Insulting Facebook Users'

Outline
Message claiming to be from "Security The Facebook Team" warns recipients that their account has been reported for violating Facebook policies. Users are told that they must click a link to reconfirm their account within12 hours or the account will be disabled.

Phishing

© Depositphotos.com/ alexskopje



Brief Analysis
The message is not from Facebook. It is a revamped version of earlier phishing scams that have targeted Facebook users for several years. The link opens a bogus website that asks users to provide Facebook login details as well as a large amount of personal and financial information. Criminals can use the stolen information to hijack Facebook and email accounts, commit financial fraud and steal identities.

Bookmark and Share
Example
Warning!!! Security The Facebook Team!! Note:

Your account is reported to have violated the policies that are considered annoying or insulting Facebook users. The system will disable your account within 12 hours if you do not do the reconfirmation. Please confirm your facebook account on the following link: [[security]] =>Link Removed

Thanks. note: please complete your data correctly.

Facebook © 2013 Copyright Network Inc.

Detailed Analysis
This supposed warning, which purports to be from "Security The Facebook Team!!" informs users that their account has been reported for violating Facebook policies. The message suggests that material posted on the account is considered annoying and insulting to Facebook users and has thus been reported. The message instructs people to click a link to reconfirm their account. It warns that if users do not "do the reconfirmation" within 12 hours, their account will be disabled.

However, the message is a phishing scam and was not sent by Facebook Security. The message is designed to trick Facebook users into divulging personal and financial information to cybercriminals.

Those lured into clicking the link will be taken to a fake Facebook webpage and asked to login:



Facebook Annoying Insulting

Next, they are taken to a page that asks for the email account address and password and other email account details:

Facebook Annoying Insulting

Yet another page asks them to provide credit card details:

Facebook Annoying Insulting

Finally, they are redirected to the genuine Facebook Security Page.

All of the information requested via the fake web pages can be collected by criminals and used to commit credit card fraud and identity theft. The criminals can also use the stolen information to hijack the real Facebook and email accounts belonging to their victims and use them to conduct further spam and scam activities.

The scam message is a revamped variant of earlier phishing attempts that have targeted Facebook users since at least 2011. And several other phishing attacks in recent years have falsely claimed to be from Facebook Security.

Be wary of any message that claims that you must click a link to update your Facebook account details. When logging in, always check the address to verify that you are on the real Facebook website rather than on a bogus look-a-like page.

Bookmark and Share

Last updated: August 23, 2013
First published: August 23, 2013
By Brett M. Christensen
About Hoax-Slayer

References
Facebook Account Reported Phishing Scam
Alert From Facebook Security Team Phishing Scam
Facebook Team Security 2013 Phishing Scam - 'Last Warning - Your Account Will Be Disabled'




Go to Mobile Version