By the AllClear ID Team
Tamara here from the AllClear ID investigation team. Facebook users are being duped into divulging personal information by filling out a form to supposedly prevent their Facebook account from being disabled. The information theyâ€™re being asked ranged from their email address and Facebook password to the first six digits of their credit card number and type of card. Scammers then use that personal information to assume the victimâ€™s Facebook profile and email. In doing so the thief can not only spread the scam, but can also obtain other personal and financial information to commit identity theft.
How it works: Facebook users receive a phishing email stating their Facebook account has been reported for policy violations, specifically that they are annoying or insulting other Facebook users. If they do not confirm the account within 24 hours, their account will be disabled.
â€œSpammers and scammers sometimes create phony emails that look like theyâ€™re from Facebook,â€ as written on the Facebook Security home page. â€œThese emails can be very convincing. Even the â€˜From:â€™ field can be spoofed to include â€˜Facebookâ€™ or â€˜The Facebook Team.â€™â€
These emails might include:
- Notifications about friend requests, messages, events, photos, and videos
- False accusations that you are abusing the site
- Warnings that something will happen to your account if you don’t update it or take another immediate action
One way to check if an email is actually from Facebook is to look for a link at the bottom of the message directing you to unsubscribe or edit your Facebook email notification settings. To test this link:
- Right-click the link and copy the URL
- Paste it into your browser
- Make sure it starts with “www.facebook.com”
Note that this link isn’t included in all correspondence from Facebook. For example, if you contact Facebook about an issue, the email response you receive won’t include an unsubscribe link. If an email looks strange donâ€™t click any of the links in it or open any attachments.
An important note: Facebook will never send you a password as an attachment.
Also, check Facebookâ€™s Community Standards to see what is considered truly bad enough toÂ get your profile taken off the website.
Views expressed are the personal views of the author, and do not represent the views of the National Foundation for Credit Counseling, its employees, its members, or its clients.