How to Navigate the Latest Facebook Scam


Scam Alert: Beware of the Latest Facebook Phishing Scheme

A new scam targeting Facebook business page administrators and users is circulating, aiming to steal login credentials. For financial institutions like banks and credit unions, losing admin control over Facebook accounts can have severe consequences. Although phishing scams are not new, this one is particularly deceptive.

Here’s what you need to know to identify and protect yourself from this scam.

How It Works

You receive a notification that seems to come from Facebook (Meta), stating that your page has been disabled, with messages like: “Your Page Has Been Disabled.” Clicking on this notification leads to an explanation, citing reasons such as sharing misleading content, unauthorised photos, or offensive material.

A closer inspection reveals that the notification is actually a post from a Facebook page named: Your Page Has Been Disabled. This post might be shared on your personal page by a compromised or malicious profile, or it could be posted elsewhere, tagging you or your business page. This tag makes it appear in your notifications (or in the Social tab of the Social Assurance app). Clicking the notification takes you to a post that convincingly resembles a genuine Facebook/Meta notification, making the scam especially deceptive.

The post contains a link to a page that asks for personal information, mimicking Facebook’s design and colours to trick you into believing you are on an official Facebook page. The requested information often includes login details, personal data, passwords, and other sensitive information.

If you click on the name of the page, which is misleadingly phrased to look like a notification, you’ll find an actual page set up under that name. The profile picture is typically a generic flag graphic or warning icon, furthering the illusion that this is a notification rather than a page. You may also see similar posts from the fake account tagging other individuals or businesses.

To protect yourself, always verify notifications and avoid clicking on suspicious links. If in doubt, go directly to your Facebook page settings to check for any actual issues.

How to Identify Whether or Not It Is a Scam

1. Not a Genuine Facebook Communication

If you look closely, you'll notice that you have been tagged in a post rather than sent an actual notification. The account tagging you is using a name crafted to mimic a notification.

2. You Have Been Tagged in a Post

Facebook/Meta typically informs you about account issues through standard notification windows, not posts. These notifications do not tag you or other individuals/organisations.

3. Errors in Language and Grammar

Be wary of any message with typos, poor grammar, and awkward phrasing. These errors are common indicators of a scam across various platforms, including social media, text messages, and emails. Exercise caution if you encounter these signs.

4. Sense of Urgency

Scammers frequently employ tactics that create a false sense of urgency, compelling you to act quickly or make decisions hastily. This urgency is designed to prevent you from carefully considering the situation and potentially falling victim to their scam.

5. Suspicious Link Formats

Genuine notifications from Facebook typically use buttons to encourage user interaction, rather than embedding direct links. It’s important to look at links very closely and refrain from clicking on them as a general precaution. Scammers often use links that are slightly altered, such as with inverted letters or minor misspellings, to give the appearance of legitimacy at first glance.
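For teams that triage reported posts, the link check described in point 5 can be automated. The sketch below is an added example, not part of the original article or any Facebook/Meta tooling: the list of official domains, the edit-distance threshold and the sample URLs are assumptions chosen for illustration.

```python
from urllib.parse import urlsplit

# Assumption: domains treated as official for this check (not taken from the article).
OFFICIAL = {"facebook.com", "fb.com", "meta.com"}
BRANDS = {d.split(".")[0] for d in OFFICIAL}
# Fuzzy matching is limited to longer brand names; short ones ("fb", "meta")
# would produce too many false positives.
FUZZY_BRANDS = {b for b in BRANDS if len(b) >= 6}

def osa_distance(a: str, b: str) -> int:
    """Edit distance that counts a swap of two adjacent letters as one edit."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = int(a[i - 1] != b[j - 1])
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[len(a)][len(b)]

def classify_link(url: str) -> str:
    """Return 'official', 'lookalike', 'unrelated' or 'invalid' for a URL."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    if not host:
        return "invalid"
    # Official only if the host is the domain itself or a true subdomain of it.
    if any(host == d or host.endswith("." + d) for d in OFFICIAL):
        return "official"
    # Split the host into words: "facebook.com.page-review.example" -> 5 tokens.
    tokens = host.replace("-", ".").split(".")
    for token in tokens:
        if token in BRANDS:
            return "lookalike"  # brand name used on a non-official domain
        if any(osa_distance(token, b) <= 2 for b in FUZZY_BRANDS):
            return "lookalike"  # transposed letters or minor misspelling
    return "unrelated"

if __name__ == "__main__":
    # Constructed sample URLs, not taken from a real campaign.
    for u in ("https://www.facebook.com/settings", "https://faecbook.com/appeal",
              "https://facebook.com.page-review.example/login"):
        print(classify_link(u), u)
```

Anything other than "official" should be treated as untrusted; "unrelated" only means the host does not imitate the brand name.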

What to Do Next?

1. Avoid Clicking Links

Refrain from clicking on any links in the suspicious post.

2. Remove Tags

Untag yourself or your organisation from the post to disassociate from it.

3. Report as Spam

Click the flag icon at the bottom of the post and follow the prompts to report it as spam. Encourage your team members to do the same. Increased reports on a post raise the chances of Facebook taking action against the malicious content by either removing or hiding it.

How to Enhance Your Social Media Account Security

Access Permissions

Evaluate the access levels granted to individuals within your organisation for your social media accounts. Implement systems and processes that centralise access permissions to ensure that each team member has only the necessary level of access, which can help keep your accounts more secure.

Centralised Access Management

Utilise a central platform to manage access permissions for your accounts. This approach makes it easier to enforce policies, protect your accounts, and educate team members about potential scams, such as the one described here.

Account Security Solutions

Explore account security solutions that offer centralised access management. These solutions can help you manage access permissions more effectively and protect your accounts from unauthorised access.

Contact the friendly team at Digital Pie today to learn more about our services and how we can help safeguard your business against online threats.
