Scams & Phishing News Fake Facebook account closure scam aims to steal login credentials

Brownie2019

Level 23
Thread author
Verified
Well-known
Forum Veteran
Mar 9, 2019
1,050
5,609
2,168
Germany
Scammers try to create anxiety so victims will act without thinking
Scammers are sending fake Facebook warnings claiming accounts will be closed or suspended because of "fraudulent activity" in an effort to steal login credentials.

The messages often direct users to a counterfeit Facebook login page where usernames, passwords, and even two-factor authentication codes can be captured.

Cybersecurity experts say users should never click links in unsolicited account warnings and should instead log into Facebook directly through the official app or website to check for any legitimate notices.

Facebook users are once again being targeted by a phishing scam that falsely claims their accounts are about to be shut down because of alleged fraudulent activity.

The scam typically arrives as a Facebook Messenger message, email, or direct message from what appears to be Facebook or Meta. It warns recipients that their account has violated Facebook's policies, has been involved in suspicious activity, or will be permanently disabled unless they immediately verify their identity.

The messages often include a prominent button labeled "Appeal," "Verify Account," or "Secure Your Account." Instead of taking users to Facebook, however, the link leads to a convincing but fake website designed to look nearly identical to the real Facebook login page.

The goal is simple: steal account credentials.

The risks
Once victims enter their username and password, scammers can immediately gain control of the account. Some phishing sites also ask for two-factor authentication codes, allowing criminals to bypass additional security protections.

With access to a Facebook account, scammers can lock out the legitimate owner, impersonate them to solicit money from friends and family, operate fraudulent Marketplace listings, or use business accounts to run unauthorized advertisements. In some cases, compromised accounts become launching points for additional phishing attacks.

Meta has repeatedly warned that phishing remains one of the most common ways criminals compromise accounts. The company says it removed more than 159 million scam advertisements and disabled 10.9 million Facebook and Instagram accounts linked to organized scam operations during 2025.

Red flags to watch for
Security experts say these fake account suspension notices share several common characteristics:

They create a false sense of urgency, demanding immediate action to avoid account deletion.

They contain links that do not lead to an official facebook.com or meta.com domain.

They use generic greetings instead of addressing users by name.

They contain grammatical errors, awkward wording, or unusual formatting.

They ask users to enter login credentials or verification codes after following a link.

According to Facebook's Help Center, legitimate account notifications can be viewed by logging directly into your account. Users should be suspicious of unsolicited messages urging them to click a link to resolve an alleged account problem.

How to protect yourself
Facebook users can reduce their risk by following a few basic security practices:

Never click links in unexpected emails or messages claiming your account is at risk.

Open the Facebook app or type facebook.com directly into your browser to check for official notifications.

Enable two-factor authentication to make it harder for criminals to access your account.

Use a unique, strong password that is not shared with other online accounts.

Report suspicious messages to Facebook and delete them without responding.

Anyone who believes they entered their credentials into a fake website should immediately change their Facebook password, review recent login activity, enable two-factor authentication if it is not already turned on, and check whether any recovery email addresses or phone numbers have been changed.

Meta said it continues to expand AI-powered scam detection and new warning tools across Facebook and Messenger. However, the company said user vigilance remains one of the strongest defenses against increasingly sophisticated phishing attacks.
 
  • Like
Reactions: Parkinsond
Key takeaway

The advice is sound: treat unexpected Facebook suspension or “fraudulent activity” messages as potential phishing attempts. Do not use the links or provide passwords, recovery codes, or two-factor authentication codes.

Instead:

  • Open Facebook through the official app or type Facebook manually.
  • Check account alerts and recent login activity from within Account Center.
  • Change the password immediately if credentials were entered on a suspicious page.
  • Review recovery email addresses, phone numbers, active sessions, and connected apps.
  • Enable two-factor authentication using the official Facebook settings.
  • Report and delete the suspicious message.

The article’s general security guidance is reasonable, but the specific claims about Meta’s 2025 enforcement figures should be checked against an official Meta source before being treated as verified. Two-factor authentication reduces risk, but it does not make entering credentials into a phishing page safe, especially when the attacker also requests the authentication code.
 
Containing grammar errors isn’t as common anymore, as the article notes, because many cybercriminals now use AI tools like ChatGPT to craft more convincing scams. We need to update our guidance and stop advising people to rely on spotting these errors, since technological advances have made them far less reliable as warning signs. We know this because AI writing tools allow for faster and more accurate content creation, including write-ups and coding. Why spend more time doing things manually when they can be completed in seconds? In fact, I typed this using Edge’s built-in AI auto-correct tool, not even ChatGPT.
 
  • Like
Reactions: TairikuOkami