
Don’t fall for this Facebook scam that steals your password

Social media accounts are more valuable to cybercriminals than you might think. That’s why thieves are constantly finding new ways to steal credentials. That brings us to a recent Facebook phishing attack. If you fall for it, you’re handing over your account to criminals.

Read on for ways to protect your account and personal information.

Scammers targeting your Facebook credentials

Scammers go to extreme lengths to steal your Facebook username and password. With your credentials, they can send your contacts malicious messages that spread malware, and they can even commit identity fraud.

According to the Better Business Bureau (BBB), criminals pretending to be from Facebook is the latest scam making the rounds. Here’s how it works. You’ll receive an email claiming you violated a Facebook policy and your account is now disabled.

The message goes on to state that if you feel the violation is a mistake, you must click a link that is included to file an appeal and request a review. It might also give you 24 hours to file the appeal, or your Facebook account will be deleted permanently.

However, when you click on the link in the email, it takes you to a spoofed site resembling the Facebook page where you would appeal a policy violation.

BBB explains that on this page, you’ll be asked to enter your login email, phone number, name and other personal details. Once you hit submit, you’ll be asked to confirm your password. Doing this gives criminals all the information they need to get into your Facebook account.

There are different versions of the phishing email going around, but they all have the same goal: to steal your Facebook credentials. Don’t fall for it!

How to avoid Facebook phishing scams

This scam plays on your fears. The scammers try to convince you that you’ll lose your Facebook account forever if you don’t act quickly. The best way to avoid being scammed is to think before you act and inspect the message. You’ll most likely see spelling and grammar mistakes.

Here are more ways the BBB suggests to avoid Facebook phishing scams:

  • Don’t panic. Always read suspicious emails carefully, looking for signs of a scam, before you act. Remember that scammers love to target social media accounts, so fake alerts aren’t uncommon.
  • Verify the claims. Log into your Facebook account directly to verify there is a problem before deciding how to proceed.
  • Always log into your account directly. Even if you think an alert is authentic, use your social media app to log in or enter the URL in the browser by typing it, not by clicking on a link sent to you.
  • Guard your login credentials carefully. Never enter login information on a third-party website or a page other than the official Facebook website. Never send your login information to someone via email or Facebook Messenger. If you entered your login credentials into a fake form, change your password immediately.

If you see a social media scam, report it to Your report helps BBB build awareness about common tactics to help others avoid being scammed.
