Got a Facebook Protect Security Message? Why It’s Probably a Scam

Have you received an email, text or Facebook message claiming your account needs to turn on “Facebook Protect” or it will get locked? Beware – it’s a scam attempting to steal your personal information. This sophisticated phishing campaign aims to trick users into handing over their login credentials.

This article will provide an in-depth look at how the Facebook Protect phishing scam works, how to spot fake messages, what to do if you clicked on a scam link, and how to properly enable the real Facebook Protect security feature.

Overview of the Facebook Protect Phishing Scam

The Facebook Protect phishing scam is a new threat targeting Facebook users through emails, text messages, Facebook Messenger, or other channels. Scammers send authentic-looking messages claiming to be from Facebook, warning victims to enable the new “Facebook Protect” advanced security feature or else their account will get locked.

However, these messages are fake phishing attempts aimed at stealing login credentials and account access. The messages direct users to a convincing but fraudulent Facebook login page to harvest usernames, passwords, and other private data to hijack accounts.

Here is the text of a typical Facebook Protect phishing message:

Your account requires advanced security from Facebook Protect

Hi

Your account has the potential to reach a lot of people, so we require stronger security. We built Facebook Protect, an advanced security program, to help defend accounts like yours.

Warning! Turn on Facebook Protect for your account by January 18. After that, you will be locked out of your account until you enable it.

We’ve already turned on advanced login protections for your acocunt.
To fully enable Facebook Protect, we’ll check your account for vulnerabilities, and help you resolve them.

[TURN ON FACEBOOK PROTECT]

This scam is especially troubling because it exploits recent high-profile hacking incidents and media coverage around Facebook’s real Protect security initiative. Launched in late 2021, Facebook Protect is a legitimate opt-in program that provides extra account security for high-risk, public-facing accounts like politicians, journalists, activists, and influencers who face increased threats of malicious hacking attempts or targeted online attacks.

However, the average everyday Facebook user does not need to enable Facebook Protect yet unless specifically notified by Facebook through official on-platform notifications. Scammers are taking advantage of public awareness of Protect’s launch by sending mass messages to all users indiscriminately, with no eligibility check, claiming that accounts face urgent disabling unless Protect is activated immediately through their deceptive links.

These sophisticated phishing messages mimic the branding, language, and communication style Facebook uses in real security notifications to trick unsuspecting users. Users who do not scrutinize the message closely can be directed to flawless spoofed Facebook login pages, where their inputs are harvested directly by hackers rather than reaching the authentic Facebook platform.

Once armed with sets of real usernames and passwords, scammers gain instant access to steal personal information, post malicious links or scam ads, access connected apps and sites, and even lock out the legitimate account owner. In the worst cases, compromised accounts become pawns in larger hacking campaigns, malware attacks, identity fraud rings, rampant misinformation spread, and other far-reaching cybersecurity threats if hackers sell account access on dark web marketplaces.

How the Facebook Protect Scam Works

Let’s break down step-by-step how this devious phishing scam works to steal Facebook user login credentials and personal information:

Step 1 – Receiving the Fraudulent Message

The first thing victims notice is an email, SMS or Facebook message that appears legitimate and raises alarm that their Facebook account requires urgent security upgrades.

To make it convincing, it appears to come from an email address like “security@facebookmail.com” or a Facebook message from “Facebook Support”.

The message insists you must “Turn On” or “Enable” Facebook’s advanced security feature called “Facebook Protect” or else get locked out. This creates a sense of urgency and threat, putting people more at risk of falling for the scam.

Step 2 – Clicking the Call-To-Action Link

If you click the prominent call-to-action button or link to enable Facebook Protect, you are taken away from Facebook and onto an external phishing site.

The website you land on is made to precisely mimic Facebook’s login page. It has the same familiar blue and white color scheme, logo placement and format.

The only giveaway that you’re on a fake site is the web address. If you look closely, the URL will have a slightly different spelling from facebook.com, such as facebollkk.com.

But most people glance over this detail. All they see is what looks exactly like Facebook demanding their login details.

Step 3 – Entering your Facebook Credentials

Believing they are on the official Facebook site, victims naturally enter their email and Facebook password when prompted.

Some fake Facebook sites cunningly ask for more sensitive personal information beyond email and password. This includes full name, date of birth, mobile number and even payment card details.

Victims willingly hand all this personal data over without realizing it’s falling straight into the hands of cybercriminals running the phishing site.

Step 4 – Account Access & Information Stolen

Within seconds of victims submitting their private login credentials, the data is harvested by the scammers to access Facebook accounts.

Once inside an account, criminals can see and steal precious personal information including:

  • Full name & contact details
  • Location data
  • Private messages & search history
  • Connected apps permissions
  • Photos, posts and bio info
  • Friends/followers lists

In cases where credit card or online banking details are stored in Facebook’s payment settings or Messages, this highly sensitive information is also stolen.

For cybercriminals, access to an authenticated Facebook account is a goldmine for identity theft, financial theft or extortion.

Step 5 – Spreading More Scams

Now able to pose as the victim online, hackers misuse compromised accounts for criminal means.

A common next step is impersonating the user to trick Facebook friends with more phishing links or fake money-raising appeals. This allows them to widen the scam to more people.

In some cases, crooks secretly send malware through Messages that spreads viruses to a victim’s Facebook contacts. Again, this grows the criminal scheme.

Hijacked account access equips scammers with all they need to ruin reputations, destroy relationships and enable serious identity theft.

What to do if You Fell Victim to the Scam

If you entered your Facebook login details on a website prompted from a Facebook Protect message, don’t panic. Here are the steps to take right away to secure your account:

1. Change Your Facebook Password

If you still have access, first change your Facebook password immediately. Make sure it’s unique from passwords used on other sites. Enable two-factor authentication if you haven’t already for an extra layer of security.

2. Check Account Settings & Privacy

Review all Facebook account settings to spot any changes made without your permission. Check things like your associated email and phone number, banned users lists, security and login settings, and privacy settings.

For privacy, make sure unknown viewers didn’t get access to personal data. Change privacy on posts, friends list, and limit old posts visibility to just yourself if needed.

3. Scrub Compromised Info From the Account

If scammers did gain access, scrub any personal info they could leverage for identity theft or other fraud. This includes things like your address, phone number, family details, etc.

Ideally reset the account to default privacy settings temporarily until you can audit everything the scammer had access to while logged in as you.

4. Report Compromised Account to Facebook

Facebook has a compromised account reporting process that can help secure your account if it was accessed by an unauthorized third party using your credentials without consent.

Go to Facebook.com and click “Forgot Password” to initiate account recovery. Click “No longer have access to these?” and follow prompts to report your account has been compromised. Provide details on the unauthorized access via the phishing scam in your report.

5. Enable Facebook Protect

Once you regain access, officially enable Facebook Protect via your account security settings page. Facebook Protect adds real security measures like monitoring for suspicious activity, two-factor authentication enforcement, login approvals, and other account checks.

Enabling the legitimate Facebook Protect adds protection against future phishing attempts and other account breaches related to hacked or leaked passwords.

How to Spot Facebook Protect Phishing Messages

While some Facebook Protect scam messages may look surprisingly real, there are a few key signs to distinguish fakes:

Sender Details Don’t Match Official Facebook

Pay attention to the details in message headers on emails or sender accounts on Facebook messages. Phishing messages often spoof the name “Facebook” but use slightly different email addresses or account URLs.

Links Don’t Go to Facebook.com

Hover over or click through links to see where they lead before entering any information. The domains should lead to Facebook.com or accounts.facebook.com. If they go elsewhere, it’s a big red flag for malicious intent.
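As an added example (not code from the original article), here is a small Python checker that applies the sender and link tests above, including the misspelled-domain case from Step 2: it pulls the real host out of a URL (so a link like facebook.com@evil.example is not mistaken for Facebook), accepts only the official domains and their genuine subdomains, and flags near-miss spellings. The official domain list and the sample addresses are assumptions, and a link that passes is not proven safe.

```python
# Added example, not code from the original article. Heuristic checks for the
# sender and link red flags described above; a link that passes is not proven safe.
from urllib.parse import urlsplit

# Assumption: domains treated as Facebook-owned for this example.
OFFICIAL_DOMAINS = ("facebook.com", "facebookmail.com")
BRAND = "facebook"

def host_from_url(url: str) -> str:
    """Return the lowercase host of a URL, ignoring user-info tricks such as
    'https://facebook.com@evil.example/' (the hostname there is evil.example)."""
    if "://" not in url:
        url = "http://" + url
    return (urlsplit(url).hostname or "").rstrip(".")

def is_official_host(host: str) -> bool:
    """True only for an official domain or a genuine subdomain of it;
    'facebook.com.evil.example' does not qualify."""
    return any(host == d or host.endswith("." + d) for d in OFFICIAL_DOMAINS)

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to catch near-miss spellings like 'facebollkk'."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_host(host: str) -> str:
    """'official', 'lookalike' (brand embedded or misspelled), 'unrelated' or 'invalid'."""
    if not host:
        return "invalid"
    if is_official_host(host):
        return "official"
    labels = host.split(".")
    registrable = labels[-2] if len(labels) >= 2 else labels[0]  # e.g. 'facebollkk'
    tokens = registrable.split("-")  # 'facebo0k-security' -> ['facebo0k', 'security']
    if BRAND in host or any(edit_distance(t, BRAND) <= 3 for t in tokens):
        return "lookalike"
    return "unrelated"

def classify_link(url: str) -> str:
    """Classify the destination of a link found in a message."""
    return classify_host(host_from_url(url))

def classify_sender(address: str) -> str:
    """Classify the domain of a sender address; the display name is ignored
    because it is trivially spoofed."""
    if address.count("@") != 1:
        return "invalid"
    return classify_host(address.rsplit("@", 1)[1].lower().rstrip("."))

if __name__ == "__main__":  # constructed samples modelled on the article's examples
    for s in ("https://www.facebook.com/login", "https://facebollkk.com/login"):
        print(classify_link(s), s)
```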

Strange Tone, Grammar Issues, or Suggestions

Facebook uses clear, concise language in all official communications. Look for awkward phrasing, grammar issues, threatening demands to take specific actions, or an out-of-character tone. These all indicate that scammers, rather than official Facebook teams, wrote the message.

Urgency, Threats, or Suspicious Deadlines

Facebook rarely sets arbitrary deadlines that would trigger losing account access completely. Scammers use false urgent deadlines and account deactivation threats to prompt action without thinking.

Requests Personal Info Beyond Credentials

Facebook never asks for personal info like credit cards, ID, or other sensitive details through unsolicited messages. Requests beyond your standard login credentials indicate malicious intent.

Stay vigilant against these red flags in messages related to Facebook Protect or account security. Only take action via official Facebook channels like notifications directly on Facebook.com or in the official mobile apps.

Enabling the Real Facebook Protect Security Program

While scammers are promoting fake Facebook Protect activation, there is a legitimate Facebook Protect program you can enable for added account security:

Check if You’re Eligible

To enable the official version, first check if your account qualifies. Facebook is selectively rolling out Facebook Protect to users who meet certain criteria:

  • Public figures, creators, journalists, government agencies, political candidates, etc.
  • Accounts at high risk of hacking due to public visibility
  • Users in certain countries like the US, UK, Australia, etc.

You’ll receive an official eligibility notification from Facebook if you meet the above criteria for extra security requirements.

Enable Via On-Site Notification

If found eligible, go through Facebook Protect setup via the official in-site notifications. Look for a blue icon that says “Facebook Protect” at the top of your Facebook dashboard.

Click this notification and select “Get Started” to enable the legitimate Protect program tied directly to your account security settings.

Frequently Asked Questions about the Facebook Protect Scam

The Facebook Protect phishing scam targets users with fake security messages to steal account credentials. This FAQ answers common questions around spotting and responding to Protect scam attempts targeting your account.

1. What is the Facebook Protect scam?

The Facebook Protect scam is a phishing attack where scammers impersonate Facebook to trick users into handing over their login credentials. They send fake security alerts claiming your account requires urgent activation of “Facebook Protect” or it will get disabled. The alerts pressure victims to click on links leading to convincing spoofed Facebook login pages that steal entered usernames and passwords.

2. How does the Facebook Protect phishing scam work?

This scam works in five stages:

  1. You receive an authentic-looking email, text or Facebook message claiming to be from Facebook Security requiring you to enable a security feature called “Facebook Protect” immediately or lose all account access.
  2. The message urges you to click a “Turn on Facebook Protect” link or button to avoid impending account disabling per Facebook’s security policies.
  3. Clicking the link leads to an extremely realistic but fake Facebook login page asking you to enter your current username and password to confirm your identity.
  4. Unwitting victims enter their actual Facebook credentials which get harvested by hackers running the spoofed phishing page.
  5. Within seconds, hackers gain full access to the compromised account, changing login details and locking out the owner.

3. What are some tactics used in Facebook Protect phishing messages?

These scam messages use:

  • Deceptive links masked under redirects to hide the malicious end-point phishing site
  • Logos/branding spoofing Facebook’s real visual identity
  • False authority claims by citing fake Facebook security teams or policies
  • Arbitrary account disabling deadlines to pressure immediate action
  • Technical cybersecurity language like “vulnerability scans” to sound credible
  • Typos and bad grammar that signal foreign scam operators

4. What should I do if I got a Facebook Protect scam message?

If you receive a suspect Facebook Protect activation message:

  • Hover over any links to preview the true underlying URL destination.
  • Check for slight differences in the sender’s email or account handle compared to official Facebook domains.
  • Do not click links or provide any information without going directly to Facebook.com to validate messages first.
  • Report scam messages directly to Facebook immediately for further fraud investigation.

5. What if I already clicked a Facebook Protect phishing link?

If you supplied your username and password on a Facebook Protect phishing site, immediately:

  • Change your password securely via Facebook.com
  • Enable login approvals for extra security
  • Check privacy settings for posts being shared publicly without consent
  • Review friends lists for spam bots being added maliciously
  • Submit a compromised account report to Facebook’s security team

6. How can I enable the real Facebook Protect security?

The legitimate Facebook Protect program adds extra security measures for accounts facing heightened risks, such as public figures and activists. If you qualify, you’ll receive an official onboarding notification directly within the Facebook app or website that guides you through the two-step verification enrollment process. Only enroll this way, never through third-party links that cite urgent deadlines or threaten to disable your account unless you enable a product calling itself “Facebook Protect.”

Carefully scrutinize any message related to account security for the subtle flaws that indicate a phishing attempt, to keep your account secure against evolving scam tactics.

The Bottom Line

The Facebook Protect phishing scam is concerning because its messages and sites impersonating Facebook look very believable. But spotting subtle differences in senders, links, domains, language, threats, and requests for personal information can keep you from falling victim.

If your account credentials were compromised via a fake Facebook Protect message, take immediate action by changing passwords, scrutinizing account activity for unauthorized changes, reporting compromised access to Facebook, and enabling two-factor authentication.

Enable the real Facebook Protect feature if you qualify as a public figure or other high-profile target, for additional protection against future scams or attacks. Otherwise, remain vigilant against suspicious messages, links, and requests related to account security going forward.

How to Stay Safe Online

Here are 10 basic security tips to help you avoid malware and protect your device:

  1. Use a good antivirus and keep it up-to-date.

    It's essential to use a good quality antivirus and keep it up-to-date to stay ahead of the latest cyber threats. We are huge fans of Malwarebytes Premium and use it on all of our devices, including Windows and Mac computers as well as our mobile devices. Malwarebytes sits beside your traditional antivirus, filling in any gaps in its defenses, and providing extra protection against sneakier security threats.

  2. Keep software and operating systems up-to-date.

    Keep your operating system and apps up to date. Whenever an update is released for your device, download and install it right away. These updates often include security fixes, vulnerability patches, and other necessary maintenance.

  3. Be careful when installing programs and apps.

    Pay close attention to installation screens and license agreements when installing software. Custom or advanced installation options will often disclose any third-party software that is also being installed. Take great care in every stage of the process and make sure you know what it is you're agreeing to before you click "Next."

  4. Install an ad blocker.

    Use a browser-based content blocker, like AdGuard. Content blockers help stop malicious ads, Trojans, phishing, and other undesirable content that an antivirus product alone may not stop.

  5. Be careful what you download.

    A top goal of cybercriminals is to trick you into downloading malware—programs or apps that carry malware or try to steal information. This malware can be disguised as an app: anything from a popular game to something that checks traffic or the weather.

  6. Be alert for people trying to trick you.

    Whether it's your email, phone, messenger, or other applications, always be alert and on guard for someone trying to trick you into clicking on links or replying to messages. Remember that it's easy to spoof phone numbers, so a familiar name or number doesn't make messages more trustworthy.

  7. Back up your data.

    Back up your data frequently and check that your backup data can be restored. You can do this manually on an external HDD/USB stick, or automatically using backup software. This is also the best way to counter ransomware. Never connect the backup drive to a computer if you suspect that the computer is infected with malware.

  8. Choose strong passwords.

    Use strong and unique passwords for each of your accounts. Avoid using personal information or easily guessable words in your passwords. Enable two-factor authentication (2FA) on your accounts whenever possible.

  9. Be careful where you click.

    Be cautious when clicking on links or downloading attachments from unknown sources. These could potentially contain malware or phishing scams.

  10. Don't use pirated software.

    Avoid using Peer-to-Peer (P2P) file-sharing programs, keygens, cracks, and other pirated software that can often compromise your data, privacy, or both.

To avoid potential dangers on the internet, it's important to follow these 10 basic safety rules. By doing so, you can protect yourself from many of the unpleasant surprises that can arise when using the web.