I got a text message from Facebook over the weekend, Dave, and it warns me that there’s a policy violation on my account and that I need to confirm my account information. What the heck? Is it legit?
Facebook has put a lot of effort into its own Messenger service and, of course, knows your email address, so the odds that the company would send you a text message at all are pretty darn low. As with all of these sorts of “warnings” or “alerts”, you can always verify by simply logging in to your account through the usual channels: If the warning you received is legitimate, there’ll be a copy of it in your Facebook inbox.
But let’s have a closer look at the message you received, because it clearly works on some people or the scammers wouldn’t bother sending something of this nature. And yes, it’s a scam and they’re scammers. In fact, it’s what’s known as a “phishing” attack.
To start out, here’s the text message you received:
Before going any further you can tell it’s bogus: Facebook wouldn’t bother with a URL shortener like Bit.ly, it would have a facebook.com URL, right? Then there’s the phone number and the fact that it’s an anonymous text message from an unknown number…
So let’s do some detective work just in case there’s some lingering doubt that maybe, just maybe, it is legit. First off, there’s a great Web site called Check Short URL that you can use to see where a shortened URL will take you without actually clicking and going there. Helpful! Carefully type in the URL (or copy and paste)…
Then when you Expand it, you’ll find that it’s pointing to a non-Facebook URL, as you’d expect if it were a phishing attack or scam:
See that URL? m-faceb0ok-security.com. Not only the dashes, but “book” has a zero buried in it. I hope you can agree that there’s 0% chance that this is a legitimate Facebook page, even if the title of the page is “Facebook security”.
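As an added illustration (not part of the original post), here is a small Python checker that applies the same tests to an alert text: it flags shortened links and, given the destination an expander service reported for them, strips the digit swaps and dashes to see whether a brand name is hiding in a domain the brand does not own. The legitimate-domain and shortener lists are assumptions for the example, and the sample SMS and its expansion are constructed.

```python
import re
from urllib.parse import urlparse

# Domains the brand actually controls (an assumption for this example, not an exhaustive list).
LEGIT_DOMAINS = {"facebook.com", "fb.com", "messenger.com"}
# Public URL shorteners: a company alerting you about your own account has no reason to use one.
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co", "goo.gl"}
# Digits scammers swap in for the letters they resemble, like the "0" in faceb0ok.
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s", "7": "t"})
URL_RE = re.compile(r"https?://\S+", re.IGNORECASE)


def registrable_domain(host: str) -> str:
    # Last two labels ("www.m-faceb0ok-security.com" -> "m-faceb0ok-security.com"); fine for
    # .com-style names, a production checker would consult the public suffix list instead.
    return ".".join(host.lower().split(".")[-2:])


def normalise(host: str) -> str:
    """Undo the two tricks shown above: digit-for-letter swaps and hyphen padding."""
    return host.lower().translate(HOMOGLYPHS).replace("-", "")


def verdict(url: str, brand: str = "facebook") -> str:
    """Classify one link as 'legit', 'shortener', 'lookalike' or 'off-brand'."""
    host = urlparse(url).hostname or ""
    domain = registrable_domain(host)
    if domain in LEGIT_DOMAINS:
        return "legit"
    if domain in SHORTENERS:
        return "shortener"
    if brand in normalise(host):
        return "lookalike"  # brand name appears only once the disguise is stripped
    return "off-brand"


def check_alert(text: str, expansions: dict[str, str], brand: str = "facebook") -> dict[str, str]:
    """Verdict for every link in an alert. `expansions` maps a shortened link to the destination
    an expander service reported, so the check never has to visit the link itself."""
    report = {}
    for raw in URL_RE.findall(text):
        url = raw.rstrip(".,;)")  # SMS punctuation glued to the link
        v = verdict(url, brand)
        if v == "shortener" and url in expansions:
            target = expansions[url]
            v = f"shortener -> {verdict(target, brand)} ({urlparse(target).hostname})"
        report[url] = v
    return report


# Constructed sample: an SMS modelled on the one in the question, plus the destination an
# unshortening service would report for it (the bit.ly path is a made-up placeholder).
SAMPLE_SMS = ("Facebook: a policy violation was found on your account. Confirm your "
              "information at http://bit.ly/EXAMPLE-x1y2z3 within 24 hours.")
SAMPLE_EXPANSIONS = {"http://bit.ly/EXAMPLE-x1y2z3": "http://m-faceb0ok-security.com/verify"}
```

Running `check_alert(SAMPLE_SMS, SAMPLE_EXPANSIONS)` reports the shortened link as resolving to a lookalike domain, which is the same conclusion the manual expansion above reaches.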
Then there’s that phone number. Where’s it from? You can find that out easily enough by doing a Google search on the phone number itself (again, copy and paste is your friend):
Not that phone numbers can’t be trivially spoofed, but Facebook is based in Silicon Valley, California, not the quiet town of Greenwich, Connecticut.
Still, when you get a warning or alert, sometimes people act before they think – which is exactly what these phishers count on! – so let’s say you did tap or click on the shortened Bit.ly URL in the original text message. You’d get to that m-faceb0ok-security.com site and here’s what you’d see:
If you can’t read the small print, it says “For security reasons, your account will be disabled Permanently because your account has been reported by others for reasons that are not permitted on Facebook.” Grammar? Awkward. Believable? No.
As you can see above, the entire scam is about getting your email + password so they can log in and hijack your Facebook account. Probably they’d change your password and security questions so you can’t log in, then extort some money out of you to regain access to your Facebook account. Definitely not good.
Worst case scenario: if you ever realize that you did get suckered by one of these scams, immediately change your account password and log out of every other device you’re on to force a fresh login everywhere. And be careful out there, darn it. If we were all just a bit more skeptical, these scams wouldn’t work.