Facebook has long touted two-factor authentication as one of the strongest security measures that users can implement to protect themselves. However, a devious new scam has found a way around this safeguard by sending users fake copyright violation notices.

According to Threatpost, hackers are sending these bogus notices to users and threatening to take down their pages if they don’t file an “appeal.” And of course, users must submit their username, password and two-factor authentication code from their mobile device in order to make that happen.

“None of these tactics are new — this scam was just an interesting and informative combination,” security researcher Paul Ducklin told Threatpost. “Firstly, the email is short and simple; secondly, the link in the email goes to a legitimate site, namely Facebook; thirdly, the workflow on the scam site is surprisingly believable.”

Ducklin went on to say that while two-factor authentication is effective for slowing down cybercriminals, it shouldn’t be treated as a “silver bullet.” Instead, he said, it’s vital for users to check and double check where web links are leading before you click them. Also, never enter personal information unless you’re absolutely certain you’re on the real site. As frustrating as these scams are, we all have the power to snuff them out simply by being more careful online.

Recommended Resources

The Choice of Tech Experts Worldwide. Try 90 days free of Bitdefender and experience the highest level of digital safety.

Surf the web truly incognito. Try Bitdefender Premium VPN, the ultra-fast VPN that keeps your online identity and activities safe from hackers, ISPs and snoops.

System Mechanic 14 – Make your computer run like new. Winner of 200+ Editor’s Choice awards!