Whether something looks legit or not, vigilance and skepticism are your friends, whether you’re trying to ascertain if an email is real or whether a Facebook notification comes from a scammer or a phishing attack. In the spirit of detective work, let’s step through this notification and see what’s going on…
To start, here’s what I saw in my own personal Facebook account notification stream:
At first glance it might seem legit but, um, “shared”? If there was an issue with my Facebook business page, why would the reporting team “share” my page rather than just notify me of a violation or problem?
Still, maybe. Maybe it’s legit, or maybe you read it without really thinking about what it says and click to learn more. In that case you get this pop-up window:
Still, you’re anxious, you see a link, you click on it.
BUT WAIT! Let’s look at that link. In fact, let’s ask: why would Facebook link to something off-site at all? It wouldn’t. But maybe you don’t know that. Then look at the domain for this link: fb<string of random numbers>.my.id. The part that matters is the end of the hostname, not the “fb” at the front, which anyone can put into a name they register. And .id is the country-code top-level domain for Indonesia. Now it’s as obvious as can be: this is a phishing attack, as we say in the biz. They just want to steal your account credentials.
Worst case, you click. Now you’ll see a not-quite-right Facebook login page (one that isn’t even a secure HTTPS page):
Not quite what Facebook looks like, but it might fool you if you’re anxious and moving really fast.
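Reading the link is the whole game here, so as an added example (my own code, not anything from the original post or from Facebook) here is a small Python checker that does what the detective work above does by hand: it splits the URL, finds the domain somebody actually registered, and flags the tells seen in this scam (no HTTPS, a non-Facebook domain, a Facebook-looking name in front of it, a country-code TLD). The allowlist of trusted domains, the tiny public-suffix table and the country-name lookup are assumptions for the example; a real tool would use the full Public Suffix List.

```python
"""Triage a link from a suspicious notification: does it really go to Facebook?"""
from urllib.parse import urlsplit

# Registrable domains treated as genuine for this service.
# Assumption for the example: a short allowlist you maintain yourself.
TRUSTED_DOMAINS = {"facebook.com", "fb.com", "messenger.com"}

# Tiny stand-in for the Public Suffix List: suffixes under which anyone can
# register a name. The real list (publicsuffix.org) is far longer.
PUBLIC_SUFFIXES = {"my.id", "co.id", "web.id", "co.uk", "com.au"}

# Partial lookup of two-letter country-code TLDs, for the report text only.
CCTLD_NAMES = {"id": "Indonesia", "uk": "United Kingdom", "au": "Australia"}

# Brand strings scammers like to put in front of their own domain.
BRAND_WORDS = ("facebook", "fb", "meta")


def registrable_domain(hostname):
    """Return the part of hostname a registrant actually controls.

    'fb123456.my.id'                  -> 'fb123456.my.id' (my.id is a public suffix)
    'm.facebook.com'                  -> 'facebook.com'
    'login.facebook.com.evil.example' -> 'evil.example'
    """
    labels = hostname.lower().rstrip(".").split(".")
    # Try the longest suffix first; the registrable name is one label beyond it.
    for n in range(len(labels) - 1, 0, -1):
        if ".".join(labels[-n:]) in PUBLIC_SUFFIXES:
            return ".".join(labels[-(n + 1):])
    return ".".join(labels[-2:])


def check_link(url):
    """Return a list of red flags for url; an empty list means it looks genuine."""
    flags = []
    parts = urlsplit(url.strip())
    host = (parts.hostname or "").lower()

    if parts.scheme != "https":
        flags.append("not HTTPS (scheme is %r)" % (parts.scheme or "missing"))
    if not host:
        flags.append("no hostname in URL")
        return flags
    if parts.username is not None:
        # 'https://facebook.com@evil.example/' shows the brand but goes to evil.example.
        flags.append("URL contains user@ prefix; the real host is " + host)
    if host.replace(".", "").isdigit():
        flags.append("raw IP address instead of a domain name")
    if any(label.startswith("xn--") for label in host.split(".")):
        flags.append("internationalized (punycode) hostname; check for lookalike letters")

    reg = registrable_domain(host)
    if reg not in TRUSTED_DOMAINS:
        flags.append("registrable domain is %r, not a Facebook domain" % reg)
        # A brand name in a subdomain or at the front of a stranger's domain is a lookalike trick.
        if any(word in host for word in BRAND_WORDS):
            flags.append("hostname uses a Facebook-looking name on a non-Facebook domain")
        tld = reg.rsplit(".", 1)[-1]
        if len(tld) == 2:
            flags.append("country-code TLD .%s (%s)" % (tld, CCTLD_NAMES.get(tld, "country code")))
    return flags


if __name__ == "__main__":
    # Constructed sample links: the scam's shape, the real site, and a user@ trick.
    for link in ("http://fb123456.my.id/recovery",
                 "https://www.facebook.com/login/",
                 "https://facebook.com@evil.example/"):
        print(link)
        for flag in check_link(link) or ["looks like the real site"]:
            print("   -", flag)
```

The registrable-domain step is the one people skip: `m.facebook.com` and `facebook.com.evil.example` both contain “facebook.com”, but only the first is owned by Facebook, and a name like `fb123456.my.id` is whatever its registrant wants it to be.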
To test whether something like this is legit, though, try entering a fake email and password and see what happens: a real login page rejects credentials it doesn’t know. I use “firstname.lastname@example.org” and “melania” as the fake credentials. In this case, it accepts them!
In other words, it clearly isn’t validating anything at all, just saving whatever you type to a file on their server. (The .id domain points to an Indonesian registration; the server itself could be hosted anywhere.)
Once you enter bogus info on this page, it then asks for more information from you:
Why would Facebook need this information?
No worries, enter some junk and you’ll be verified! Whoo!
What this page should really say is “Hey sucker! Thanks for the info. We’re going to hijack your account in just a few minutes!”
In other words, what’s really going on here is that an enterprising young scammer has built a few pages and is prodding people on Facebook to go to that bogus site and share their login credentials and personal info. DON’T DO IT.
With just a bit of skepticism and a close read of the details, it’s clear that this is a scam from the very first step. But sometimes we move too fast, and even I’ve been caught by one or two of these well-assembled scams over the years. If this suckered you, then
- Go and change your Facebook password ASAP. I’ll wait. Back? Ok. Now
- Enable two-factor authentication on your Facebook account, which means that even if they have your password, they can’t get into your account without the second factor. While you’re in the security settings, check where you’re logged in and log out any device or session you don’t recognize.
Be vigilant out there; antivirus software protects you from malware, not from social-engineering scams like this one. It’s up to you to be skeptical and cautious.
Pro Tip: I’ve been writing about Facebook and online scams for many years. Please check out my spam, scams and security help area and my Facebook help areas both while you’re visiting. And why not follow AskDaveTaylor on Facebook too? Thanks!