Debunking hoaxes and exposing scams since 2003!

Jump To: Example    Detailed Analysis   References

Facebook Team Security Phishing Scam - 'Last Warning - Your Account Will Be Disabled'

Jump To: Example    Detailed Analysis   References


Message purporting to be a warning from 'Facebook Security' or the 'Facebook Team' claims that recipients must click a link and confirm their details or their Facebook account will be closed permanently.

Brief Analysis

The email is not from Facebook and the claim that users will have their accounts disabled if they do not confirm account details is a lie. The message is a phishing scam designed to steal Facebook login details and other personal information. If you receive one of these messages, do not click any links or open any attachments that it may contain.



Bookmark and Share


Facebook Secuity Phishing Scam

Subject: Last warning Facebook Team Security

Last Warning: Your account will be disabled!

Immediately confirm your account in order to avoid blocking.

This is due to the number of Facebook users who use fake profiles, which violates the provisions of our services. If you are the original owner of this account please confirm your account to avoid blocking the account.
Please re-confirm your account here:
{Link Removed]

If within 24 hours you do not confirm, then your account will be deleted and the user will not be able to use it again.
Facebook Team Security

Terms of Intellectual Property and Security Policy
Copyright © 2013 ™ All rights reserved
Facebook Inc. P.O. Box 10005, Palo Alto, CA 94303

Detailed Analysis

This rather threatening email, which claims to be a "last warning" from Facebook Team Security (or, in some versions, just the Facebook team), warns recipients that, if they fail to click a link and reconfirm account details within 24 hours, their Facebook account will be permanently deleted. Recipients are informed that, due to the creation of fake profiles by a number of users, original owners of Facebook accounts must immediately confirm their account details to avoid being blocked.

However, the email is not from Facebook Security or any other legitimate Facebook source. In fact, the message is a phishing scam designed to trick users into disclosing both their Facebook and webmail account login details to Internet criminals. Those who fall for the ruse and click the scam link, will be presented with the following fake Facebook login, which is designed to closely emulate the genuine Facebook website:

Facebook Last Warning Phishing Scam
If they supply their Facebook login details on the fake form, victims will then be taken to a second bogus page that asks them to submit the username and password for their email account as well as other personal information:
Fake webmail account form

Finally, victims are shown a message supposedly confirming their submission before being automatically redirected to the real Facebook website:

Fake Facebook confirmation
All information supplied via the fake forms can be collected by criminals and used to hijack real Facebook and webmail accounts. The scammers may use the hijacked accounts to perpetrate further spam and scam campaigns and impersonate the genuine account holders for their own nefarious purposes. This is just one example in a series of similar "Facebook Security" phishing scams that have targeted Facebook users in recent years. If you receive one of these "Facebook Security" messages, do not click any links or open any attachments that it may contain.



Bookmark and Share

Last updated: August 19, 2015
First published: February 26, 2013
By Brett M. Christensen
About Hoax-Slayer

Phishing Scams - Anti-Phishing Information
Friend Stranded in Foreign Country Scam Emails
Alert From Facebook Security Team Phishing Scam