Scammers are using a new trick to try and get people to divulge their login information. They’re sending out fake emails claiming to be from Facebook, saying that the user has breached copyright laws and that their account will be deleted within 48 hours unless they appeal. The email includes a link to appeal, which users might click on in a panic to try and save their account.
However, the link leads to a fake site or a mix of fake and real sites, where the user is asked to authenticate their account through a One Time Password check. This check will inevitably fail, and the user will be offered an alternative way to authenticate, which leads back to the main site.
Experts warn that these fake “violation notifications” use real Facebook pages to redirect users to external phishing sites. They advise users to be extra careful when receiving these notifications and to be wary of the apparent legitimacy of the initial links.
One way to tell if the notification is fake is to check the email sender. If it’s a long, odd-sounding address that doesn’t use any of Facebook’s main web addresses (like facebook.com, fb.com, or meta.com), it’s probably not legitimate. The same goes for web pages that ask you to log in – if you’re not sure, it’s best to go directly to Facebook by closing any open windows, typing in facebook.com yourself, and logging in that way. This way, you’ll be able to see any issues that have been raised in your notifications.
It’s also worth noting that Facebook owner Meta doesn’t just delete people’s accounts out of the blue. Users typically get several warnings before this happens, and even if someone has done something wrong, it usually results in a temporary suspension first. So if you receive a notification claiming that your account will be deleted unless you appeal, it’s likely a scam. Stay vigilant and protect your login information!
Choose what the experts use: award-winning cybersecurity you can trust and rely on.
Surf the web truly incognito. Try Bitdefender Premium VPN, the ultra-fast VPN that keeps your online identity and activities safe from hackers, ISPs and snoops.