Facebook Phishing Attempt

There is a new Facebook phishing/hacking attempt going around that is causing lots of people to lose access to their accounts. The hack appears to come in one of two forms:

  1. An email sent to the account associated with your Facebook account that says that your account has violated Facebook’s content rules and your account will be deleted in 48 hours if you do not take action to review the content
  2. An email sent to the account associated with your Facebook account that says that someone suspicious recently tried to access your Facebook account and asks you to verify the login.

Both of these emails look like Facebook support emails. The buttons you click on both of the emails take you to what looks like Facebook (but it’s the old Facebook not the new Facebook.)

If you follow these links and verify your information, you lose access to your account and the hacker can change the email and password so you lose access to your account permanently. It seems like the hackers are targeting individuals whose personal Facebook account is tied to a Business Manager Facebook account. 

Thankfully, there is a fairly easy way to verify if the email that you received from Facebook is real. Simply follow these steps: https://www.facebook.com/notes/facebook-security/new-security-feature-reveals-if-facebook-mails-are-legit/10154983636230766/

Facebook keeps a record that shows you all the emails they have sent you, allowing you to verify if the email did in fact come from Facebook and take proper action.

Bottom line: Do NOT click on any links from an email that appears to come from Facebook before verifying the emails with the method above. A number of people in the digital marketing industry are reporting that their clients are losing access to both their personal accounts and their business accounts when they follow the links in these emails.

A tip off that the hackers seem to be missing is Facebook’s physical business address. The address is located at the bottom of the emails and lists it as “1 Facebook Way Menlo Park, CA 94025.” That is not their address. It is 1 Hacker Way Menlo Park, CA 94025. Their address is publicly available information and anyone who has had to verify that they are located in the United States with Facebook in order to run ads has received physical mail from Facebook with the Hacker Way address listed.

This is one of the most sophisticated hacks to come for Facebook users to date and it is likely to cause a lot of people to lose access to their accounts. Whenever you receive an email that threatens you with your account being deactivated or asking you to take specific steps, it’s always good internet safety to verify that email first. 

Should you receive one of these emails, immediately change your password and turn on two-factor verification. This will help ensure that your account stays secure. 

Have other questions about internet safety and your business? We can help! Contact SimplyBuilt today!