Email Phishing Scam
Home Facebook Related Facebook Account Update Phishing Scam Email

Facebook Account Update Phishing Scam Email

by Brett M. Christensen

Outline

Email, purporting to be from Facebook, claims that Facebook is implementing a new login system and that the user must follow a link in the message to update his or her account. 

Brief Analysis

The email is not from Facebook. In fact, the message is a phishing scam designed to steal Facebook login details.

Example

Subject: Facebook Account Update

Dear Facebook user,

In an effort to make your online experience safer and more enjoyable, Facebook will be implementing a new login system that will affect all Facebook users. These changes will offer new features and increased account security.
Before you are able to use the new login system, you will be required to update your account.
Click here to update your account online now.
If you have any questions, reference our New User Guide.
Thanks,
The Facebook Team

Facebook Phishing Scam email

 

Detailed Analysis

This email, which purports to be from social networking website, Facebook, claims that Facebook is about to implement a new login system. The message claims that Facebook users must follow a link in the message to update their details before they will be able to use the new system.

However, the email is not from Facebook and the claim that Facebook users are required to update their account details is untrue. 
In fact, the email is a phishing scam designed to steal Facebook login details from unsuspecting users. To further the illusion of legitimacy, the email is designed and formatted to resemble a genuine Facebook message. Those who fall for the ruse and follow the link in the bogus email will be taken to the following fake Facebook login page:

Fake Facebook Login Page

The fake login page has been created so that it looks like a genuine Facebook login.

If a victim enters his or her username and password on the bogus page and clicks the “Login” button, the following pop-up notice will be displayed:

Fake Facebook Notification

The notice claims that the account confirmation has been completed. Clicking the “OK” button takes the user to the genuine Facebook website.

Users who submit their login details on the fake page will actually be sending their username and password directly to the criminals running the phishing scam. Because the scam notice redirects to the genuine Facebook website, the victim may not realize that his or her account has been compromised until it is too late.

Once they have stolen this information, the scammers can then log in to their victim’s real Facebook account and pose as the genuine user. They can also change account details thereby effectively locking the genuine user out of his or her Facebook account. Having successfully hijacked the user’s account, the scammers can then use it to post spam and scam messages in the victim’s name and steal any personal information stored in the account.

Phishing scammers regularly target Facebook users. Users should be very cautious of any email that claims to be from Facebook and asks them to click a link and provide login or other personal information.



Importance Notice

After considerable thought and with an ache in my heart, I have decided that the time has come to close down the Hoax-Slayer website.

These days, the site does not generate enough revenue to cover expenses, and I do not have the financial resources to sustain it going forward.

Moreover, I now work long hours in a full-time and physically taxing job, so maintaining and managing the website and publishing new material has become difficult for me.

And finally, after 18 years of writing about scams and hoaxes, I feel that it is time for me to take my fingers off the keyboard and focus on other projects and pastimes.

When I first started Hoax-Slayer, I never dreamed that I would still be working on the project all these years later or that it would become such an important part of my life. It's been a fantastic and engaging experience and one that I will always treasure.

I hope that my work over the years has helped to make the Internet a little safer and thwarted the activities of at least a few scammers and malicious pranksters.

A Big Thank You

I would also like to thank all of those wonderful people who have supported the project by sharing information from the site, contributing examples of scams and hoaxes, offering suggestions, donating funds, or helping behind the scenes.

I would especially like to thank David White for his tireless contribution to the Hoax-Slayer Facebook Page over many years. David's support has been invaluable, and I can not thank him enough.

Closing Date

Hoax-Slayer will still be around for a few weeks while I wind things down. The site will go offline on May 31, 2021. While I will not be publishing any new posts, you can still access existing material on the site until the date of closure.

Thank you, one and all!

Brett Christensen,
Hoax-Slayer