Fake Facebook 'Security Team Has Suspended Your Page' Posts Used to Phish Login Credentials

As this year starts off fresh, cybercriminals have dusted off their social networking fishing hooks to aim them at Facebook users to bait them with fake 'Security Team' messages, which includes links to phishing sites designed to steal login usernames and passwords.

From what appears to be the very first mass-scale scheme conducted by cybercrooks this year on Facebook, is one that uses a bogus Facebook Security Team account to inform potential victims that the 'Security Team Has Suspended Your Page'. Within the message is a link to supposedly 'verify your account', which if clicked on, will redirect the user to a malicious site designed to obtain usernames and passwords. One of the sites in particular, was identified as utilizing an app within Facebook to ask for login information as show in Figure 1 below. The 3rd party app has since been shut down but could remain to be an issue for those who may have given up their logins and passwords.

Figure 1. Example of a fake Facebook Verification Page using phishing techniques to obtain login credentials.
fake facebook verification login

The complete fake Facebook Security Team message reads: 'We have reviewed the suspension of your Page. After reviewing your page activity, it was determined that you were in violation of our Terms of Service. We have provided a warning to you via email, but you have not responded to our notifications. Therefore, your account might be permanently suspended.'

The message actually has nothing to do with Facebook's security team or the violation of any terms of service. Those who give into the message and relinquish their login credentials will be unknowingly handing over access to their Facebook account to hackers who have wielded this mischievous attack.

This exploitation and phishing scheme was put on hold when Facebook got wind of it appearing on members' walls. The legitimate Facebook Help Center has provided a link to secure a Facebook account in the event that a user suspects that their account is hacked and sending out this malicious message.

With Facebook having well-over 1 billion users, hackers have a large audience at their disposal to render roguish scams on. Phishing scams on Facebook are nothing new under the sun and as the dark shadows are cast over new scams during 2013, we should all educate ourselves on some of the top Phishing scams used on social networks. Additionally, it is always a good idea to keep your anti-virus or anti-spyware software updated to ward off potential malware infections leading to common threats obtained on social networks like Facebook.

One Comment

  • Bonnie Spencer:

    This is upsetting. I was approached when I tried to sign in to Facebook. Also, they said facebook was inappropriate for conversations about animals or animal right topics. Each time I chose a new password from my old password,(which worked fine, I was told it was too much like the old one! How do they know that? Personally it sounds so much like this person(s)works for Facebook. They sure have access to anything they want.For 10 days or so,I have been in this endless circle of repetitive questions. I don't use a mobile phone anymore, sine 1999. I can not receive texts etc...but still they ask me for my phone number.When I began with facebook, I gave my home phone number,that worked well! I do not have a phone at present. I don't know why they think that I'm going to give them my ultra personal Government identification! Everything was fine. My email address and password(s) worked great!Then I was asked to delete the written problems I was going to send, to Google Security.One more-they are telling me to use my old email address when corresponding with them. 2014,I haven't used that email for at least one year, and I have forgotten part of it, unless its them, playing these awful games with me, it is just so crooked!!
    I do know the email address, I may not remember the password. Why can't they use my present email address and I would be willing to change my password. ETC...Thank You, Please help me, however you can with this.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.