Facebook Team Security 2013 Phishing Scam – ‘Last Warning – Your Account Will Be Disabled

Facebook Team Security 2013 Phishing Scam – ‘Last Warning – Your Account Will Be Disabled’

Outline
Message purporting to be a “last warning” from Facebook Security 2013 claims that recipients must click a link and re-confirm their account within 24 hours or their Facebook account will be deleted.

Social Networking Phishing
© Depositphotos.com/Viviamo

Brief Analysis
The email is not from Facebook Security and the claim that users will have their accounts disabled if they do not confirm account details is a lie. The message is a phishing scam designed to steal both Facebook and webmail login details. If you receive one of these messages, do not click any links or open any attachments that it may contain.

Example

Subject: Last warning Facebook Team Security 2013

Last Warning: Your account will be disabled!

Immediately confirm your account in order to avoid blocking.

This is due to the number of Facebook users who use fake profiles, which violates the provisions of our services. If you are the original owner of this account please confirm your account to avoid blocking the account.
Please re-confirm your account here:
{Link Removed]

If within 24 hours you do not confirm, then your account will be deleted and the user will not be able to use it again.
Facebook Team Security 2013.

Terms of Intellectual Property and Security Policy
Copyright © 2013 ™ All rights reserved
Facebook Inc. P.O. Box 10005, Palo Alto, CA 94303

Detailed Analysis
This rather threatening email, which claims to be a “last warning” from Facebook Team Security 2013, warns recipients that, if they fail to click a link and reconfirm account details within 24 hours, their Facebook account will be permanently deleted. Recipients are informed that, due to the creation of fake profiles by a number of users, original owners of Facebook accounts must immediately confirm their account details to avoid being blocked.

However, the email is not from Facebook Security or any other legitimate Facebook source. In fact, the message is a phishing scam designed to trick users into disclosing both their Facebook and webmail account login details to Internet criminals. Those who fall for the ruse and click the scam link, will be presented with the following fake Facebook login, which is designed to closely emulate the genuine Facebook website:
Facebook Last Warning Phishing Scam
If they supply their Facebook login details on the fake form, victims will then be taken to a second bogus page that asks them to submit the username and password for their email account as well as other personal information:
Fake webmail account form

Finally, victims are shown a message supposedly confirming their submission before being automatically redirected to the real Facebook website:

Fake Facebook confirmation
All information supplied via the fake forms can be collected by criminals and used to hijack real Facebook and webmail accounts. The scammers may use the hijacked accounts to perpetrate further spam and scam campaigns and impersonate the genuine account holders for their own nefarious purposes. This is just one example in a series of similar “Facebook Security” phishing scams that have targeted Facebook users in recent years. If you receive one of these “Facebook Security” messages, do not click any links or open any attachments that it may contain.

Advertisements

2 responses to “Facebook Team Security 2013 Phishing Scam – ‘Last Warning – Your Account Will Be Disabled

  1. Pingback: Sample of Fake Facebook Notifications | scamFRAUDalert Reports Rip-off·

  2. Pingback: Fake Facebook Notifications | scamFRAUDalert online threat alerts expose·

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s