Phishing Scam
Home Facebook Related Facebook ‘Account May Not Be Authentic’ Phishing Scam

Facebook ‘Account May Not Be Authentic’ Phishing Scam

by Brett M. Christensen

Outline

Message purporting to be from Facebook claims that the recipient’s Facebook account is to be blocked because the account may not be authentic. The recipient is instructed to click a link to reconfirm the account within 24 hours and is warned that failing to reconfirm will result in permanent removal of the account. 

Brief Analysis

The message is not from Facebook and the user does not need to reconfirm the account as claimed. The message is a phishing scam designed to steal Facebook login details and personal and financial information. If you receive one of these messages, do not click on any links that it contains.

Examples

Facebook Phishing Scam message

 

Message Facebook

Notice Blocking Facebook Account
We have received feedback that your account may not be authentic. Facebook is a community where people share and interact using real identity.
Please reconfirm your facebook account below:

Click here [Link Removed]

attention:

All accounts that are not verified within 24 hours will be removed from our database and the user will not be able to use it again.
Thank you for your attention.

Facebook © 2013 Copyright Network Inc.

Facebook phishing scam message

Detailed Analysis

This message, which purports to be from Facebook, claims that the user’s Facebook account will be blocked unless he or she clicks a link and reconfirms account details. According to the message, the account blocking is because of reports that the account may not be authentic. The user is further warned that, if he or she fails to reconfirm within 24 hours, the account will be removed from the network’s database.

However, the message is certainly not from Facebook. Nor is the user required to reconfirm the account to avoid blocking. In fact, the message is a phishing scam designed to trick Facebook users into handing over their account login details as well as their personal and financial information. 
Those who fall for the ruse and click the link will first be taken to a bogus Facebook login page as shown in the following screenshot:

Facebook phishing website 1

After submitting the Facebook login details, victims will then be taken to another bogus form that asks for their email address and email password along with other account related information:

Facebook phishing website 2

Next, victims will be taken to yet another bogus page that requests their credit card details:

Facebook phishing website 4

After users click “confirm” on the final form, they will be automatically redirected to the genuine Facebook website. Alas, all of the information they have submitted will be collected by Internet criminals. Armed with this stolen data, the criminals can hijack the compromised Facebook and webmail accounts and use them to initiate further scam campaigns. They are likely to lock the legitimate users out of their accounts. The criminals can also use the stolen information to commit credit card fraud and identity theft.

This type of phishing scam is common and continues to find new victims every day. Similar scam emails – many of which falsely claim to be from “Facebook Security” – have been regularly distributed to Facebook users for several years. The scam messages are often characterized by poor or unusual spelling and grammar. They also tend to feature strange formatting of keywords such as “Facebook”, apparently in an effort to confuse spam and scam filters.

Be wary of any message purporting to be from Facebook that claims that you must follow a link to verify your account.

Always login to your Facebook account by entering the address in your browser’s address bar rather than by clicking a link in an unsolicited email.



Importance Notice

After considerable thought and with an ache in my heart, I have decided that the time has come to close down the Hoax-Slayer website.

These days, the site does not generate enough revenue to cover expenses, and I do not have the financial resources to sustain it going forward.

Moreover, I now work long hours in a full-time and physically taxing job, so maintaining and managing the website and publishing new material has become difficult for me.

And finally, after 18 years of writing about scams and hoaxes, I feel that it is time for me to take my fingers off the keyboard and focus on other projects and pastimes.

When I first started Hoax-Slayer, I never dreamed that I would still be working on the project all these years later or that it would become such an important part of my life. It's been a fantastic and engaging experience and one that I will always treasure.

I hope that my work over the years has helped to make the Internet a little safer and thwarted the activities of at least a few scammers and malicious pranksters.

A Big Thank You

I would also like to thank all of those wonderful people who have supported the project by sharing information from the site, contributing examples of scams and hoaxes, offering suggestions, donating funds, or helping behind the scenes.

I would especially like to thank David White for his tireless contribution to the Hoax-Slayer Facebook Page over many years. David's support has been invaluable, and I can not thank him enough.

Closing Date

Hoax-Slayer will still be around for a few weeks while I wind things down. The site will go offline on May 31, 2021. While I will not be publishing any new posts, you can still access existing material on the site until the date of closure.

Thank you, one and all!

Brett Christensen,
Hoax-Slayer