Facebook users should keep an eye out for fake copyright infringement warnings that are being distributed via Facebook private messages.
The fraudulent messages, which at first glance may appear to be official Facebook notifications, claim that your account is to be deactivated due to a large number of copyright infringement reports.
The messages suggest that you click a link to complete an appeal form if you think the account deactivation is a mistake.
However, Facebook did not send the message and your account is not about to be deactivated as claimed.
In fact, the message is a phishing scam designed to steal your Facebook account login details. It has no connection to Facebook. Note that genuine Facebook notifications would never use a link supplied by URL shortening service bit.ly.
If you click the link, you will be taken to a fraudulent website that gives the illusion that it is part of Facebook. The web address of the fake page contains the words “facebook.com” in an effort to fool people into believing that they are still on Facebook.
When you arrive at the fake website, the following fake copyright notice will be displayed:
When you click the “Continue” button, the following bogus “Facebook Security” form will load in your browser:
Meanwhile, the scammers can collect the information you submitted on the fake form and use it to hijack your Facebook account. Once they have gained control of your account, they can lock you out and begin using your account to distribute spam and scam messages in your name.
Criminals regularly use fake Facebook Security messages to trick people into handing over their login credentials. Be wary of any message that claims to be from Facebook and instructs you to click a link to rectify a supposed account problem.
Always login to Facebook by entering the address into your browser’s address bar or via a trusted app. If there really is an account problem, you will generally be informed of the issue after you log in.
Facebook includes information about avoiding and reporting such phishing scams in its help files.