Phishing attacks are on the rise for Facebook users, tagging users in posts and/or sending emails if it's visible through their profile.
Hackers create their own facebook profilesMeta(Facebook) will never communicate in this way to users
How it works
Hackers tag users in Facebook posts claiming their content/profile was reported and will be deleted unless they take action by clicking on included (phishing)link. Users who click on link would be asked to enter a username, password or other personal information that hackers use to gain control of their account.
Similar messages are sent via email or messenger with a link to click on either connecting to a facebook group or to a phishing site. Never click on links inside these types of messages.
What to do if you receive a suspicious message?
Facebook posts:
- Notify Meta by tapping on the 3 dots at the top of the post
- Tap Report Post - You will be asked to block user and report post. Don't hesitate to block the user even if it's a friend. It's possible their account was hacked.
- Tap report - Meta will review the post and delete it if it's found to be suspicous/malicious.
***Note - Do NOT click on any link inside a facebook post unless you are certain it is safe.
Email messages
Scammers sometimes create fake emails that look like they’re from Facebook. These emails often look like:
- Notifications about friend requests, messages, events, photos and videos.
- False claims that you went against Community Standards.
- Warnings that something will happen to your account if you don't update it or take a certain action.
- Claims or offers that sound too good to be true (such as winning a Facebook Lottery.)
Forward any emails you receive and think are suspicious to phish@fb.com and delete the message.
What to do if you clicked on link
If you clicked on a suspicious link, change your password and enable 2 factor authentication immediately. Acting fast can stop an attack from happening before it does.
Facebook 2 Factor Authentication - facebook 2FA
Examples of email and facebook post scams.
The 2 examples below contain a link which if clicked on would ask the user to enter their username and password. Facebook never asks you to do this, so be aware of these types of scams and notice how they could seem legitimate.
These types of messages should be reported immediately and deleted.
Tagged post example of phishing message
Source: Facebook Support Document
Download CyberAid's App
Our mission at CyberAid is to keep you safe and secure online with all the cyber protection you need in one place. To get the most effective cyber defense, download our mobile cyber app.
Contact Us
Our agents and support team are here to answer questions, offer guidance and resolve any Cyber attacks.
To reach us:
Phone: +1 (223) 232-2220
Email: customersupport@cyberaid.app
You can submit a request in our Help Center or chat with us using our chatbot or our mobile cyber app.