Cybercriminals are using fake Facebook Security Team messages to trick unsuspecting users into visiting a malicious page and hand over their usernames and passwords.
As this year starts off fresh, cybercriminals have dusted off their social networking fishing hooks to aim them at Facebook users to bait them with fake “Security Team” messages, which includes links to phishing sites designed to steal login usernames and passwords. Everyone should be just aware of this and take precaution on this.
The latest scheme uses a bogus Facebook Security Team account to inform potential victims that their accounts have been suspended due to Terms of Service violations.
The message reads: “We have reviewed the suspension of your Page. After reviewing your page activity, it was determined that you were in violation of our Terms of Service. We have provided a warning to you via email, but you have not responded to our notifications. Therefore, your account might be permanently suspended,”
Users who click on the “verify your account” link are taken to a malicious Facebook app page where they’re requested to provide their page name, email address or phone number, and password.
Of course, the app has nothing to do with Facebook and those who sign up are actually handing over their login credentials.
If you’ve already fallen victim to this scam, be sure to immediately change your password. If it’s too late, visit the Facebook Help Center and try to reclaim your account.