Ask Dave Taylor
  • Facebook
  • Instagram
  • Linkedin
  • Pinterest
  • Twitter
  • YouTube
  • Home
  • Videos
  • Most Popular
  • Top Categories
  • Books
  • About Dave
  • Ask Me
  • > Donate <
  • Home
  • Spam, Scams & Security
  • Is Facebook Membership Verification SMS Text a Phishing Scam?

Is Facebook Membership Verification SMS Text a Phishing Scam?

March 28, 2020 / Dave Taylor / Spam, Scams & Security / No Comments

I’m confused. I got a text message from Facebook saying that my last post was reported by someone and that I need to “verify my membership”. Except it’s not taking me to Facebook’s Web site. What’s going on, and is this a scam?

Let’s start out with the basic fact: Yes, this is a scam. In fact, if Facebook needed to communicate with you, the company would through the Facebook messaging app or through a notification within Facebook itself. Why would it text you? Why would the company send you an email? This is true of all big companies, actually, so if you get an email from Google asking you to go to a third party site and verify your account status, or from your bank asking you to check an unknown deposit it’s almost guaranteed to be bogus. Not entirely sure? Go to that service as you usually would (for example, wellsfargo.com for Wells Fargo Bank) and check your messages within the site’s messaging system.

The important thing is to never tap or click on any links included in these sort of messages. At its most benign it could be porn or some casino site or scam, but it could also be an elaborate phishing attack where it looks completely like the regular site home page and, of course, prompts you to log in. At its worst, simply visiting the site could infect your system or device with malware. ¡No bueno!

A good friend of mine actually received a very similar text message “from” Facebook so I had a chance to investigate a bit. First off, here’s the message he received:

facebook phishing attack text message sms

Not too bad an attempt, though they misspelled “avoid” just after the link. But there are a couple of things to notice before reacting in any way. First off, that link. user-page.online? If this were really from Facebook, it’d be something at facebook.com (or perhaps fb.com which is also one of their domains). Not some “.online” site, for sure.

Also notice the phone number. Facebook is based in Northern California and the 224 area code (as revealed by a quick Google search) is greater Chicago. Heck, if you Google the phone number itself you can find that it’s been used for scams as far back as 2004, when people calling from that number were pretending to be with local power utilities. The fact that it’s not shut down is frustrating, but if this were legitimately from Facebook, wouldn’t you think a search on the phone number would show it’s a Facebook support or security phone number?

Next bit of detective work is to learn a bit more about the domain itself. One way to do that is to replace the “fb” in the listed domain with “www”, producing www.user-page.online:

www.user-page.online ready to go landing page web

“Hosted by Namecheap”? Absolutely and incontestably not a real Facebook Web page!

With that in mind, going to the fb. user-page.online page is interesting because it produces an error “Can’t reach this page”. But my friend told me that he saw what looked like a legit Facebook login page. My conclusion: the scammers pulled down the page after getting in trouble with the hosting company. The page I ended up was a local one, however the curious “localhost/appManage/simpleIntrt”. How did I get there?

To find out, I cracked open a Linux command shell and used the curl command to see what was going on:

where does a redirect take you web http

As you can see, the original domain is legit (so namecheap didn’t take down their domain for being scammers) they’re just using what’s known as a 302 redirect to bounce people to that localhost (e.g., your own computer) URL. What is simpleIntrt? I have no idea, nor could I find out by digging around on various info sites. It’s a mystery.

More importantly, it’s also a scam. It’s an attempt by the villains who are trying to steal people’s Facebook account identities to instill fear (“verify your membership to avoid the limitation”, from the original sms text message) and make you react and respond without doing your homework and being cautious. Don’t do it. Ever. Always be skeptical of notifications, whether text, email or phone calls, and skip revealing any information to the scammers before you have confirmed that it’s legit.

In this case, I can only hope that not a single person fell for the phishing scam, but if they did, well, next time they need to be more careful!

Pro Tip: I’ve been writing about scams, spammers and other types of digital attacks for quite a while. Please see my spam, scams and security help area for lots of other tutorials and cautionary tales. Thanks.

Let’s Stay In Touch!

Never miss a single article, review or tutorial here on AskDaveTaylor, sign up for my fun weekly newsletter!
Name: 
Your email address:*
Please enter all required fields
Correct invalid entries
No spam, ever. Promise. Powered by FeedBlitz
Please choose a color:
Starbucks coffee cup I do have a lot to say, and questions of my own for that matter, but first I'd like to say thank you, Dave, for all your helpful information by buying you a cup of coffee!
facebook membership, facebook post reported, facebook scam, facebook sms scam, sms attack, sms phishing, verify facebook account, verify facebook status

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Search

Recent Posts

  • Can I Have Microsoft Edge Suggest Strong Passwords?
  • How Can I Password Protect Tax Forms Sent Via Email?
  • Easy Way to Add Emoji to Tweets from a Web Browser?
  • How Do You Post Multiple Photos in Instagram?
  • How Can I Change the Default Search Engine in Google Chrome to Microsoft Bing?

On Our YouTube Channel

DIGDIY BUDGET ANC TWS Earbuds [D10WH] -- REVIEW

Rush Charge Hinged Smartphone Battery Stand -- UNBOXING & REVIEW

Categories

  • AdSense, AdWords and PPC Help (106)
  • Amazon Echo & Kindle Help (79)
  • Amazon, eBay and Online Shopping Help (157)
  • Android Help (158)
  • Apple Watch Help (49)
  • Articles, Tutorials and Reviews (326)
  • Business Advice (191)
  • Computer and Internet Basics (714)
  • d) None of the Above (160)
  • Facebook Help (364)
  • Google & Gmail Help (154)
  • HTML and Web Design (243)
  • Instagram Help (43)
  • iPad Help (136)
  • iPhone Help (570)
  • LinkedIn Help (79)
  • Linux Help (147)
  • Linux Shell Script Programming (86)
  • Mac & MacOS Help (830)
  • Most Popular (10)
  • MP3 Player Help (181)
  • Outlook & Office 365 Help (9)
  • PayPal Help (68)
  • Pinterest Help (53)
  • Reddit Help (11)
  • SEO & Marketing (80)
  • Spam, Scams & Security (82)
  • Trade Show Updates (23)
  • Twitter Help (212)
  • Video Game Tips (66)
  • Web Site Traffic Tips (62)
  • Windows 10 Help (825)
  • Wordpress Help (201)
  • Writing and Publishing (72)
  • YouTube Help (43)
  • YouTube Video Reviews (159)
  • Zoom, Skype & Video Chat Help (40)

Archives

Social Connections:

Ask Dave Taylor


Follow Me on Pinterest
Follow me on Twitter
Follow me on LinkedIn
Follow me on Instagram


AskDaveTaylor on Facebook



microsoft insider mvp


This web site is for the purpose of disseminating information for educational purposes, free of charge, for the benefit of all visitors. We take great care to provide quality information. However, we do not guarantee, and accept no legal liability whatsoever arising from or connected to, the accuracy, reliability, currency or completeness of any material contained on this site or on any linked site. Further, please note that by submitting a question or comment you're agreeing to our terms of service, which are: you relinquish any subsequent rights of ownership to your material by submitting it on this site. Our lawyer says "Thanks for your cooperation."
© 2020 by Dave Taylor. "Ask Dave Taylor®" is a registered trademark of Intuitive Systems, LLC.
Privacy Policy - Terms and Conditions - Accessibility Policy