Man logging in on website - phishing
Home Facebook Related Facebook Account Reported Phishing Scam

Facebook Account Reported Phishing Scam

by Brett M. Christensen


Message purporting to be from Facebook claims that the recipient’s Facebook account has been reported for annoying or insulting other users and will be disabled if he or she does not confirm account details within 24 hours. 

Brief Analysis

The message is not from Facebook. It is a phishing scam designed to steal the user’s Facebook and webmail login details as well as credit card numbers and other personal details. If you receive this message, do not click any links that it contains.


LAST WARNING : Your account is reported to have violated the policies that are considered annoying or insulting Facebook users. Until we system will disable your account within 24 hours if you do not do the reconfirmation.

Please confirm your account below:

[Link Removed]

The Facebook Team
Copyright facebook © 2011 Inc. All rights reserved.</div

Detailed Analysis

Many Facebook users are currently receiving messages like the example shown above. The messages claim that the user’s Facebook account has been reported for policy violations, specifically, annoying or insulting other Facebook users.

The user is instructed to follow a link in the message in order to carry out an account “reconfirmation”. According to the message, which purports to be from “The Facebook Team”, the user’s account will be disabled if he or she does not confirm the account within 24 hours. 
However, the message is certainly not from Facebook and the claim that the user’s account has been reported is untrue. In fact, the message is a phishing scam designed to trick users into divulging their personal and financial information to Internet criminals. Those who fall for the ruse and click the link will be first taken to a fake Facebook “Account Disabled” web form that asks them to provide Facebook login details and part of their credit card number. The bogus form is shown in the screenshot below:

Fake Facebook Login page

Once the victim has completed this bogus form, he or she is then taken to a second fake form that asks for webmail login details:

Fake Webmail login

Once the requested Webmail details are provided, the user is taken to a third bogus form that asks for a username and – again – the first 6 digits of the user’s credit card number:

Fake Facebook terms of service message

All of the information provided on the bogus forms can be collected by the criminals operating the scam. Once armed with this information, the scammers can hijack the user’s real Facebook account and, posing as the account holder, send more scam messages to the victim’s Facebook friends. They can similarly hijack the victim’s webmail account and use it to send further scam and spam messages. Once they have hijacked these accounts, the scammers are likely to lock their victims out by changing account passwords and email addresses.

They may also use the stolen credit card information to delve further into their victim’s financial information with a view to conducting more fraudulent activities and identity theft.

There have been several variations of this scam over recent months. While the backstories used by the scammers may vary considerably, all are intended to trick users into supplying account login details and other personal and financial information to cybercriminals.

Another recent version, which purports to be an alert from Facebook Security, claims that the recipient’s Facebook account may have been compromised and that he or she must follow a link to verify account details within 12 hours or risk having the account permanently suspended.

Users should be very cautious of any message that asks them to follow a link to verify account information even if it looks like a genuine Facebook message and the link leads to a page that looks like the genuine Facebook website. Always login to your Facebook account directly via your web browser rather than by following a link in an email or chat message.

Such scams can often be identified by examining the link in the messages. The links are not genuine Facebook web addresses. The scams are often characterized by poor or unusual grammar and spelling.

Importance Notice

After considerable thought and with an ache in my heart, I have decided that the time has come to close down the Hoax-Slayer website.

These days, the site does not generate enough revenue to cover expenses, and I do not have the financial resources to sustain it going forward.

Moreover, I now work long hours in a full-time and physically taxing job, so maintaining and managing the website and publishing new material has become difficult for me.

And finally, after 18 years of writing about scams and hoaxes, I feel that it is time for me to take my fingers off the keyboard and focus on other projects and pastimes.

When I first started Hoax-Slayer, I never dreamed that I would still be working on the project all these years later or that it would become such an important part of my life. It's been a fantastic and engaging experience and one that I will always treasure.

I hope that my work over the years has helped to make the Internet a little safer and thwarted the activities of at least a few scammers and malicious pranksters.

A Big Thank You

I would also like to thank all of those wonderful people who have supported the project by sharing information from the site, contributing examples of scams and hoaxes, offering suggestions, donating funds, or helping behind the scenes.

I would especially like to thank David White for his tireless contribution to the Hoax-Slayer Facebook Page over many years. David's support has been invaluable, and I can not thank him enough.

Closing Date

Hoax-Slayer will still be around for a few weeks while I wind things down. The site will go offline on May 31, 2021. While I will not be publishing any new posts, you can still access existing material on the site until the date of closure.

Thank you, one and all!

Brett Christensen,