Cybercriminals are using fake Facebook Security Team messages to trick unsuspecting users into visiting a malicious page and hand over their usernames and passwords.
The latest scheme, detailed by Facecrooks, uses a bogus Facebook Security Team account to inform potential victims that their accounts have been suspended due to Terms of Service violations.
“We have reviewed the suspension of your Page. After reviewing your page activity, it was determined that you were in violation of our Terms of Service. We have provided a warning to you via email, but you have not responded to our notifications. Therefore, your account might be permanently suspended,” the message reads.
Users who click on the “verify your account” link are taken to a malicious Facebook app page where they’re requested to provide their page name, email address or phone number, and password.
Of course, the app has nothing to do with Facebook and those who sign up are actually handing over their login credentials.
If you’ve already fallen victim to this scam, be sure to immediately change your password. If it’s too late, visit the Facebook Help Center and try to reclaim your account.