Facebook users need to stay vigilant as a new scam has been circulating on the social media site. While fraudulent activities on social media sites are not uncommon, this time around, Facebook users are the unwarranted potential victims of the "Page Disabled" phishing.
Users should be familiar with Facebook Security pages as the new phishing scam could dupe users into divulging personal data such as credit card details, Facebook login IDs, as well as their password and username for PayPal.
While asking for a password to a third-party should send off alarm bells, some non-technical users may fall prey.
The Facebook "Your page will be disabled unless..." scam was initially spotted by RNLI's Luke Williams who alerted Facebook page admins. Williams also posted a screenshot of what the comment-scam looked like.
Heads up Facebook page admins, there's a new comment-scam propagating around pages on Facebook. Looks like this: pic.twitter.com/mkVtBo8dX1
— Luke (@alukeonlife) January 5, 2016
Malwarebytes, the cyber-security firm, analyzed the scam which is being propagated through the comment section and deduced that Facebook Page owners are the primary target.
How Does The Scam Spread Through Facebook?
The messages basically spread on Facebook through the comments which are left on the Facebook pages. The account from which these comments are made has the name "Facebook Security" which misleads many Page owners into believing that it is genuine. However, this account is not associated with Facebook Security in any manner.
The message given below is what Page owners are greeted with:
Your page will be disabled.
Due to your page has been reported by other users.
Please re-confirm your page in order to avoid blocking. You violate our terms of service. If you are the original owner of this account, please re-confirm your account in order to avoid blocking."
The message also asks users to access a fraudulent link - which has been shortened using LinkedIn's URL shortener lnkd.in - if they want to avoid their page being disabled. While the incorrect grammar and punctuation should have given the scam away, some people may still miss the inconsistencies.
However, the following request from the spammers should be a giveaway:
"To complete your pages account please confirm Http below:
If you do not confirm, then our system will automatically block your account and you will not be able to use it again.
Thank you for the cooperation helping us improve our service.
The Facebook Team"
If a Facebook user is deceived by this message and falls prey to this trick by clicking on the link, they will be directed to a page where the scammers ask one for their date of birth and login credentials for Facebook.
Once you have passed on this information, the scammers ask for your credit card payment details and issue the warning: "Caution. If you do not update your credit card your payment page will be disabled."
If you key-in the information and hit the "Confirm Credit" button you are redirected to the scam Facebook Security page. Clicking on the "Confirm Paypal" button will also direct users to a phishing page, which is located at: report-fanpage(dot)gzpot(dot)com/Next/paypal(dot)com(dot)htm
What To Do?
The scammers are obviously after your financial data and if you do not catch on even when a page dealing with Facebook data tries to take you to a PayPal-type page, then you're in trouble.
If you are unsure and you suspect any malicious activity, it is better to contact Facebook's help center. They will answer your queries. Facebook advises that if one receives any suspicious message or email which looks like it came from Facebook then they should report the same.
"If an email or Facebook message looks strange, don't click any of the links in it or open any attachments. Please report it to us," says the site.
Remember if Facebook wanted to disable your page it would have contacted you in a better, more personalized manner and not through a comment on your post!
Use Google Chrome or Firefox browsers as they flag the phishing sites as malicious.
MKHmarketing | Flickr