Social media scams are on the rise, aiming to hijack accounts and steal personal information using deceptive messages and websites. One such prevalent scam targets Facebook page owners with fake notifications about their page being disabled. This article provides a comprehensive guide to identifying and protecting yourself from this phishing scam.
This Article Contains:
The scam starts with an unsolicited inbox message on Facebook claiming to be from “Facebook Business Support” or a similar name. The message states that your Facebook page has been disabled due to various violations like using someone else’s name/photos or sharing misleading content.
It claims you have been warned about these violations in the past, and that immediate action is required to avoid permanent deletion of your page. You will be provided a “Confirm Account” or “Appeal Disabling” link to supposedly verify your account within a short deadline.
However, this link sends you to a fake phishing website impersonating the Facebook login page. By submitting your login credentials here, you inadvertently provide the scammers complete access to your Facebook account.
This scam is specifically designed to instill fear and urgency in page owners about losing their invested time and efforts in building their page. The intrigue of a quick solution to recover the disabled page leads victims to act hastily without verifying the message authenticity.
How the Scam Works
Here is a step-by-step explanation of how the “Your Page Has Been Disabled” phishing scam operates on Facebook:
1. Receiving the Scam Message
You get an unsolicited message in your Facebook inbox or messages folder from a sender impersonating “Facebook Business Support”, “Facebook Copyright Division”, “Facebook Community Operations” or a similar misleading name.
The message claims that your Facebook page has been disabled as per reports of violations received from one or more copyright holders or organizations. This adds perceived legitimacy about a third-party complaint being involved.
Common alleged violations mentioned are:
- Using someone else’s personal images or content without permission
- Posting misleading, inaccurate or dangerous information
- Impersonating or misrepresenting a brand’s identity
- Violating Facebook’s community standards or terms of service
The message mentions that you have already received multiple warnings about these violations with no action taken. It states immediate verification is required to avoid permanent deletion of your page from Facebook.
A sample scam message looks like:
Sender: Facebook Business Support
Your Facebook page [Page Name] has been disabled for multiple violations of Facebook Policies and Intellectual Property Infringement Claims.
The International Brand Compliance Authority (IBCA) has reported the following violations:
- Using trademark brand names or logos without authorization
- Sharing libelous and inaccurate content about brands
- Impersonating an official brand representative online
As per our records, you have already received multiple warnings about such unauthorized and misleading content on your page. Since no corrective action was taken, your page has now been disabled to stop further violation.
To appeal this disabling and recover your page, you are required to immediately verify your account ownership by clicking on the link below and completing the verification process within the next 24 hours.
Confirm Account Ownership:
Failure to verify within this timeframe will result in your page being permanently deleted from Facebook. This action cannot be reversed.
Facebook Copyright Division
As you can notice, the message uses an authoritative tone alongside legal and technical jargon to seem legit. The 24 hour deadline pressures you into acting quickly without contemplating the validity of the message.
2. Visiting the Phishing Link
When you click on the “Confirm Account Ownership” or similarly titled link provided, it takes you to a fake Facebook login page instead of the real platform.
This phishing page mirrors the design and appearance of the actual Facebook site, including using the same blue color scheme, fonts and the Facebook logo.
You are asked to enter your Facebook login email and password to begin the account verification process. If you submit this, the scammers capture your login credentials in real-time.
In some cases, you may be redirected through multiple websites before landing on the phishing page. This is intended to hide the fake domain name displayed in the address bar.
3. Submitting Login Details
Once you’re on the phishing page, you are prompted to enter your Facebook email and password in the provided fields to verify account ownership.
As the site looks convincingly like the real Facebook login, most users end up submitting their details without realizing it’s a scam.
After capturing your login credentials, you may see a “Verification Successful” or “Your Page Will Be Restored” type of message. This is just to provide false assurance so you do not suspect foul play immediately.
Behind the scenes, your credentials have already been harvested by the scammers to gain access to your Facebook account.
4. Account Takeover
With your username and password, the scammers can now directly log into your Facebook account and page. This gives them full control as if they are you.
They can post content, message your connections, view personal information, operate connected apps and more. Some ways your compromised account can be misused:
- Posting clickbait, false news or malicious links to your page to generate traffic, install malware etc.
- Spamming your friends and contacts with more phishing links or scam messages
- Accessing your profile info and sharing it on the dark web or using it to create fake accounts
- Taking over or deleting your Facebook page which you worked hard to build
- Demanding you pay a ransom to regain access to your page
- Commandeering your account’s advertising tools for their own needs
- Hijacking your linked apps like Instagram or Messenger
Within days, you may find unauthorized content being shared from your account. At this point, Facebook may also disable your account due to suspicious activity if reported by others.
You have now effectively lost control of your account, page and personal data due to accidentally giving away your login details.
What to Do if You Get This Message
If you receive any unsolicited message about your Facebook page being disabled, here are some tips to protect yourself:
- Remain calm – Scammers want you to panic and act without thinking. Carefully analyze the message before proceeding.
- Check sender details – Facebook uses an @facebookmail.com or @support.facebook.com email address. Messages from other domains are fake.
- Look for typos/errors – Legitimate Facebook messages have no grammar or spelling mistakes generally.
- Go to account directly – Login and check for any page disabling notification from Facebook itself.
- Don’t click links – Links lead to fraudulent sites stealing your info. Type Facebook.com directly in the browser.
- Ask for proof – Reply to the message requesting evidence of the disabling reason, warnings sent etc.
- Report message – Use Facebook’s “Find Support” option to report the phishing content.
- Enable 2FA – Turn on two-factor authentication as an added security layer protecting your account.
- Change passwords – Update your Facebook, email and other passwords periodically.
What to Do if You Shared Your Login Details
If you already entered your Facebook login email and password on the phishing site before realizing it’s a scam, take these steps immediately:
Secure Your Account
- Change your Facebook password – Do this via Facebook’s security settings. Choose a strong, unique password.
- Enable two-factor authentication – Add 2FA through Facebook’s login approvals settings. This adds a second layer of verification.
- Remove trusted devices – Delete any saved trusted browsers or devices through the security settings.
- Check login activity – Facebook shows recent logins and locations. Look for any unknown sessions.
- Revoke account access – Remove any granted access to third-party apps or sites through Facebook.
Scan for Unauthorized Changes
- Review page content – Check all your page’s posts and info for any signs of unauthorized access.
- Look at messages – Open your inbox and messages to see any phishing content sent via your account.
- Assess privacy settings – Verify your profile and page privacy settings have not been tampered with.
- Change app passwords – Update passwords for Instagram, Messenger or other connected apps.
Report Hacked Account
- Use the Facebook hacked account form – Submit details to get help securing your compromised account.
- Submit photo ID – Upload a photo ID via the hacking request form to prove account ownership.
- Report phishing content – Flag any scam posts or messages visible to others on Facebook.
- Inform contacts – Let your friends list and page followers know about the hacking if needed.
Recovery Process for Disabled Accounts
If your account does get disabled by Facebook due to suspicious behavior resulting from the hacking, here is how to recover it:
- Submit ID – Upload a photo ID using the Facebook disabled account form to establish your identity.
- Dispute violations – List violations cited in the disabling message and explain how your account was hacked.
- Request review – Ask Facebook’s automated systems or human moderators to review the disabling decision.
- Be patient – The review process can take 1-2 weeks in most cases. Check your registered email for updates.
- Enhance security – Strengthen account security during the waiting period, like updating information and enabling two-factor authentication.
- Avoid shortcuts – Do not try shortcuts like creating a new account, which will be disabled too. Follow protocol.
- Add personal touch – If possible, include some personal context explaining what the account means to you in the recovery request.
Regaining access to a disabled Facebook account requires patience and cooperation with Facebook’s processes. With the right approach, most legitimate accounts can be restored over time.
Facebook Scam Prevention Tips
Here are some general tips to enhance your security and prevent getting scammed on Facebook:
- Use strong passwords – Don’t repeat or reuse passwords. Use random strings of letters, numbers and symbols.
- Be wary of unsolicited messages – Don’t open messages from unknown contacts discussing account issues.
- Check sender’s details – Verify the email address, profile photo, URL links etc. before responding.
- Limit info sharing – Be selective about posting personal data publicly on your profile or page.
- Secure connected apps – Use strong passwords and two-factor authentication for associated apps like Instagram too.
- Beware of ads/offers – Don’t enter info or download files from ads making unbelievable claims.
- Keep software updated – Use the latest OS and browser versions. Install anti-virus programs.
- Report fakes – Use Facebook’s reporting tools if you encounter scam profiles or content.
- Turn on login alerts – Enable email or SMS notifications for when your account is accessed from new locations or devices.
Staying cautious and attentive can help avoid losing your account to scammers.
Frequently Asked Questions
Is this really from Facebook or is it a scam?
Messages about your page being disabled due to policy violations are almost always a scam tactic. Facebook directly contacts users prior to taking any disabling action.
How did the scammers know my page name?
Scammers target public page owners randomly. They can easily view page names, send messages and post content.
What should I do if I entered my Facebook password on the phishing site?
Immediately change your Facebook password and turn on login approvals for added security. Also review recent account activity closely for unauthorized changes.
Why is Facebook asking for my password? Should I give it?
Facebook will never ask for your password directly via an inbox message. Any such request is a scam. Never reveal password or OTPs.
Can my account get hacked just by clicking the link?
Simply clicking won’t compromise your account immediately. But entering login details on the phishing site it leads to will get it hacked.
What happens if my account gets permanently disabled?
You can recover a disabled account in most cases by submitting ID proof and disputing the violations cited. This process may take 1-2 weeks.
How long does Facebook take to reactivate a hacked account?
If you report a compromised account with details, Facebook will lock it pending identity verification. After submitting valid ID proof, account access is restored within a day or two.
Is there a number I can call Facebook at for account issues?
No, Facebook does not have live telephone support. All communication for account problems must be through the platform’s official web forms.
Can I create a new account if my original one is disabled?
No, creating multiple accounts after being disabled is against Facebook policy and may lead to permanent ban. Follow proper recovery procedures.
How do I regain access to my page after getting hacked?
If you act quickly, changing passwords and securing your account should stop the hacking and regain page access. In worst cases, the recovery process may take 1-2 weeks.
The “Your Page Has Been Disabled” Facebook scam can seem quite convincing but awareness of its deceptive red flags can help avoid becoming a victim. If you do fall prey, take immediate steps to lock down and restore your account. Being cautious and using Facebook’s reporting tools is key to keep your account and data safe from phishing risks.