Familiarise Yourself With Scam Messages

What is a Scam message?

Scams are ever-prominent and many businesses receive Facebook scam messages on a regular basis. The purpose of this blog post is simply to inform you of the risk and how to protect yourself.

These messages will often appear to be from seemingly legitimate sources, such as Facebook itself, the Meta Security Team, and others. However, they are in fact designed to steal your personal information or upload malware to your computer. If you receive a Facebook scam message, Ensure that you proceed with caution. Do NOT click on any links in the message and do NOT provide any personal information. Following the link on these messages and filling out your details in the login prompt is a way for hackers to gain access to your account. If you are unsure whether a message is legitimate, please contact the sender to verify the authenticity of the message and report the message to Facebook.

If you think you may have fallen victim to a Facebook scam, you should change your password immediately and contact Facebook for help. You should also run a scan of your computer for malware to ensure nothing has been uploaded to your device.

What Do They Look Like?

Scam messages typically follow a similar format, which:

Starts with a generic opening
Follows with a high pressure situation to create urgency
Attaches a URL link
Tells you to follow the link to confirm
Signs off by impersonating the Facebook team or similar
Has poor grammar or phrasing majority of the time

While this guideline does not guarantee that every scam message will follow this exact style, it does provide a good indication of how many are likely to be formatted in this manner. Scammers often use common templates to make their messages look legitimate. This can make it difficult to spot scams, especially if you are not familiar with the signs of a scam. However, if you are aware of the common formatting of scam messages, you will be better equipped to recognise them and avoid falling victim to a scam.

We have attached some helpful links at the end of this blog to help you gain a better insight into scam messages.

Analysis Of A Real Scam Message

Analysing the example below, you can see the URL linked by the scammer is business.facebook.com. Many scam links will be a slight variation of the legitimate URLs they are trying to impersonate. The general deception strategy here involves the scammer creating a URL link that has “business” included in the domain name prior to “facebook.com” in comparison to the authentic Facebook URL link which should read “facebook.com/business” The differential factor being the forward slash after the proper website domain name.

Another huge indicator is the urgent and threatening tone of the message, urging you to take action quickly or your account will be permanently disabled. This tactic aims to prompt a hasty response, enticing you to click the link – something you should definitely avoid.

Slightly more subtle signs are the odd choice of words/phrasing and poor grammar, such as capital letters in the wrong places. Signing off the message with “Thank you for helping us improve on the above anomaly” is both a bit awkward to read and doesn’t entirely make sense in the context of the situation. Lastly, the capital “P” used in the middle of a sentence is poor grammar, further confirming that it is a scam message.

Closing Thoughts

Scam messages are becoming increasingly common in recent years. Being able to identify them instantly will protect yourself and your information. Once you’ve identified a scam message, we recommend you report these messages as spam and move them to your trash, where you can safely ignore them. If something feels a little off, it probably is. Protect yourself and your data by staying informed about the nature of these scams. Best to avoid clicking on any links before you know the legitimacy of the message.