
Have you been getting fake messages on Facebook, Instagram, or any other social media platform, saying that your account has been flagged for copyright infringement or a community guideline breach? These are probably phishing attempts to get access to your account. In this article, I will outline what phishing is, and what to do if you suspect someone is trying to get access to your accounts.

What is Phishing?

Phishing is a type of cyberattack where attackers deceive individuals into revealing sensitive information, such as passwords, credit card details, or personal data. This is typically done by impersonating a legitimate organization or person through emails, websites, or text messages. Phishing attacks often use messages that appear to come from trusted sources like banks, online services, or colleagues, tricking victims into clicking on malicious links or downloading harmful attachments.

Once a victim clicks the link or provides their information, the attackers can steal personal data, access accounts, or install malware on the victim’s device. Phishing attacks rely on psychological manipulation, creating a sense of urgency or fear, such as a warning of account closure or a security breach, to prompt quick action.

These attacks are common because they are relatively easy to execute and can target a wide range of individuals or organizations. Effective defenses against phishing include education, email filtering, and multi-factor authentication.

How do I know if these messages are genuine or a Phishing Attempt?

  1. The first thing is URGENCY. They will always set a timeframe, e.g. “You have to act within the next 24 hours.”
    The reason for this is that they want you to act without thinking. That way you won’t have a chance to research this or ask others to verify.

  2. They will also make things look authentic. For example, if you see the messages, or if you were unlucky enough to click through to the web addresses they send, everything will look very authentic regardless of which company they are claiming to represent. You can always spot a cloned page, though, as the web address will be very unusual, and normally they remove all links for ‘contact us’ or ‘support’ as they don’t want you asking any questions.

  3. It will always be out of the blue. In the case of the Facebook messages, you are told of a pending page closure within 24 hours for something that you didn’t do. So you are not prepared for it at all when these messages come into your inbox or DMs. As they say on the BBC Morning Live programme, “If it’s out of the blue, it’s not for you”.

  4. They will probably not use your name. In the Facebook example below, they state simply “Hello”. That’s not to say that your name will never appear, as they may have obtained your name in a data breach on the dark web.

  5. The apps which are linked to these messages do not show any issues. This is a complex one to understand, but if Facebook had an issue with your page and wanted to flag a community guidelines breach, you would also get a system notification in the Notifications section of your Facebook page, and there would also be some flag or notice on the dashboard of your Facebook page (there is also a Page Quality section called Page Health, see below). If you actually had an issue, it would be raised here also.

    If it was something else like PayPal and you received a warning by email or text that due to a PayPal issue a transaction was made on your account, do not use the message or the text – verify it on the actual PayPal app. If there is an issue it will show up here also. 

  6. Sometimes the grammar and spelling are poor. Many of these scams are run by people in third-world countries or countries where English is not the first language, so you may spot grammatical errors which give the game away. Also, if the fonts in an email change halfway down, this might be another giveaway, as they obviously copied and pasted from some other scam email template that they were working on.
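
Signs 1, 2 and 4 above (a deadline, an unusual web address, a generic greeting) can be checked mechanically. The following Python sketch is an added example, not code from the original article; the allow-list of official domains, the function names and the sample message are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlparse

# Assumption: an allow-list of official domains per brand, maintained by the defender.
OFFICIAL_DOMAINS = {
    "facebook": {"facebook.com", "fb.com", "meta.com"},
    "paypal": {"paypal.com"},
}

# Sign 1: a deadline ("within the next 24 hours") or pressure wording.
URGENCY = re.compile(
    r"\b(within|in)\s+(the\s+)?(next\s+)?\d+\s*(hours?|hrs?|days?|minutes?)\b"
    r"|\b(immediately|urgent(ly)?|final warning)\b", re.I)
# Sign 4: a greeting line that does not use the recipient's name.
GENERIC_GREETING = re.compile(
    r"^\s*(hello|hi|dear (user|customer|admin))\s*[,!.]?\s*$", re.I)
URL = re.compile(r"https?://[^\s<>]+", re.I)


def host_is_official(host, brand):
    """True only when host is an official domain or a subdomain of one."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d)
               for d in OFFICIAL_DOMAINS[brand])


def phishing_signs(message, claimed_brand):
    """Return the warning signs from the checklist that appear in a message."""
    signs = []
    if URGENCY.search(message):
        signs.append("urgency")
    first_line = next((ln for ln in message.splitlines() if ln.strip()), "")
    if GENERIC_GREETING.match(first_line):
        signs.append("generic_greeting")
    # Sign 2: a brand name inside the address is not enough; the registered
    # domain at the END of the host name must be an official one.
    for url in URL.findall(message):
        host = urlparse(url).hostname or ""
        if not host_is_official(host, claimed_brand):
            signs.append("unofficial_link:" + host)
    return signs


# Constructed sample message (not a real one); example.net is a reserved domain.
SAMPLE = """Hello,
Your page has been flagged for copyright infringement.
It will be closed within the next 24 hours unless you appeal:
https://facebook.com.appeal-center.example.net/verify
"""

if __name__ == "__main__":
    print(phishing_signs(SAMPLE, "facebook"))
```

An empty result does not mean a message is genuine; the check in sign 5 (looking in the official app) still applies.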

The fake Facebook messages?

This is an example of what the messages on Facebook may look like – note I have removed the web address for your safety and that of others. (I added the FAKE text in red as a warning, but you get the idea).

Remember to always verify in the official Facebook App or on the desktop client.

Conclusion

Just be on your guard and look out for some of these signs if you get an email, text, or direct social media message. These could be Phishing attempts. Don’t let the scammers win.