Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

Home    About    New Articles    RSS Feed    eBook    Contact
Bookmark and Share

Facebook Account Reported Phishing Scam

Message purporting to be from Facebook claims that the recipient's Facebook account has been reported for annoying or insulting other users and will be disabled if he or she does not confirm account details within 24 hours.

Brief Analysis
The message is not from Facebook. It is a phishing scam designed to steal the user's Facebook and webmail login details as well as credit card numbers and other personal details. If you receive this message, do not click any links that it contains.

Bookmark and Share
Detailed analysis and references below example.

Scroll down to submit comments
Last updated: 23rd November 2011
First published: 23rd November 2011
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer

LAST WARNING : Your account is reported to have violated the policies that are considered annoying or insulting Facebook users. Until we system will disable your account within 24 hours if you do not do the reconfirmation.

Please confirm your account below:

[Link Removed]

The Facebook Team
Copyright facebook © 2011 Inc. All rights reserved.

Detailed Analysis
Many Facebook users are currently receiving messages like the example shown above. The messages claim that the user's Facebook account has been reported for policy violations, specifically, annoying or insulting other Facebook users. The user is instructed to follow a link in the message in order to carry out an account "reconfirmation". According to the message, which purports to be from "The Facebook Team", the user's account will be disabled if he or she does not confirm the account within 24 hours.

However, the message is certainly not from Facebook and the claim that the user's account has been reported is untrue. In fact, the message is a phishing scam designed to trick users into divulging their personal and financial information to Internet criminals. Those who fall for the ruse and click the link will be first taken to a fake Facebook "Account Disabled" web form that asks them to provide Facebook login details and part of their credit card number. The bogus form is shown in the screenshot below:

Fake Facebook Account Diabled form

Once the victim has completed this bogus form, he or she is then taken to a second fake form that asks for webmail login details:

Fake Facebook Webmail Form

Once the requested Webmail details are provided, the user is taken to a third bogus form that asks for a username and - again - the first 6 digits of the user's credit card number:

Fake Facebook Username Form

All of the information provided on the bogus forms can be collected by the criminals operating the scam. Once armed with this information, the scammers can hijack the user's real Facebook account and, posing as the account holder, send more scam messages to the victim's Facebook friends. They can similarly hijack the victim's webmail account and use it to send further scam and spam messages. Once they have hijacked these accounts, the scammers are likely to lock their victims out by changing account passwords and email addresses.

They may also use the stolen credit card information to delve further into their victim's financial information with a view to conducting more fraudulent activities and identity theft.

There have been several variations of this scam over recent months. While the back stories used by the scammers may vary considerably, all are intended to trick users into supplying account login details and other personal and financial information to cybercriminals. Another recent version, which purports to be an alert from Facebook Security, claims that the recipientís Facebook account may have been compromised and that he or she must follow a link to verify account details within 12 hours or risk having the account permanently suspended.

Users should be very cautious of any message that asks them to follow a link to verify account information even if it looks like a genuine Facebook message and the link leads to a page that looks like the genuine Facebook website. Always login to your Facebook account directly via your web browser rather than by following a link in an email or chat message. Such scams can often be identified by examining the link in the messages. The links are not genuine Facebook web addresses. The scams are often characterized by poor or unusual grammar and spelling.

Bookmark and Share References
BIN - Bank Identification Number
Alert From Facebook Security Team Phishing Scam

Last updated: 23rd November 2011
First published: 23rd November 2011
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer