
Fake copyright violation notice used for stealing Facebook accounts

Submitted by admin on Wed, 05/31/2023 - 19:12

If you receive a message saying your Facebook account has been blocked for copyright violation, don’t panic. It’s most likely just another phishing scam.

The latest phishing campaign aimed at stealing Facebook accounts is on the rise. Facebook users are receiving mass e-mails or direct messages threatening bans for copyright violation. The aim is to send users a link to a phishing page which can be used to steal the users’ login credentials. We explain the anatomy of the new scheme and how not to fall for it.

The message says something like: “Your Facebook account will be disabled for violating the Facebook Terms. If you believe that this decision is incorrect, you may file an appeal at this link.”

Afraid of losing your account and without seeing any red flags in the link address, you might even enter your full name and username, as requested. Next, however, is a request no one should mindlessly obey: “For your own security, please enter your password.”

We’ve said it before and we’ll say it again: Don’t follow links in suspicious e-mails. Even the savviest users can get caught off-guard by a well-written, well-designed message that gets through the spam filter, contains what looks like a good link, and generally seems legitimate.

Now, the link in the e-mail does point to Facebook. As we mentioned, that’s another trick designed to fool spam filters — and you. But the page does not contain an official notice; it’s a note. Until last October, any user could create one using Facebook Notes. At the time of this writing, the tool has been disabled, but old notes are still accessible. At the top of the page is the username, which in this case looks plausibly legit: Case #5918694.

The link is external but disguised as internal. Hovering over it, we can see that it redirects from Facebook to an outside website that has been shortened using Bitly.

The link opens a form that asks for the e-mail address or phone number linked to your Facebook account. The page address looks a bit like Facebook’s, but a closer look reveals that it has nothing to do with Facebook.

Click the Send button and a password entry form pops up. It’s the final play; enter a real password in this field and your Facebook account is now in the hands of cybercriminals.
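
The link checks described above can be automated on the defender's side. The following is an added example, not code from the original article: it extracts the links from a message or note and flags those that leave Facebook, hide behind a shortener, use a lookalike host, or display a Facebook address as their visible text. The trusted-domain and shortener lists, the flag names and the sample HTML are assumptions made for this illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED = ("facebook.com",)           # assumed: domains treated as genuine
SHORTENERS = {"bit.ly", "bitly.com"}  # Bitly is the shortener the article names

def is_facebook_host(host):
    # True only for facebook.com or a real subdomain, never a lookalike.
    return any(host == d or host.endswith("." + d) for d in TRUSTED)

def link_flags(href, text):
    # Reasons to distrust a link; an empty list means it stays on Facebook.
    host = (urlsplit(href.strip()).hostname or "").rstrip(".").lower()
    if is_facebook_host(host):
        return []
    flags = ["external"]
    if host in SHORTENERS:
        flags.append("shortener")             # real destination is hidden
    if "facebook" in host:
        flags.append("lookalike-host")        # brand name in a foreign domain
    if "facebook.com" in text.lower():
        flags.append("text-claims-facebook")  # visible text disagrees with href
    return flags

class LinkCollector(HTMLParser):
    # Collects (href, visible text) for every <a> element.
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def audit(html):
    parser = LinkCollector()
    parser.feed(html)
    return [(href, link_flags(href, text)) for href, text in parser.links]

# Constructed sample modelled on the note described above; URLs are placeholders.
SAMPLE = """<a href="https://bit.ly/EXAMPLE">https://www.facebook.com/appeal</a>
<a href="https://facebook.com.appeal-center.example/login">Continue</a>
<a href="https://www.facebook.com/help">Help Center</a>"""

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

A shortener flag means the destination cannot be judged from the link itself, so such a link should be treated as external until it has been resolved in a safe environment.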

How to protect your Facebook account from being hacked:

  • Take your time and do not panic;
  • Check the sender address before clicking on links in e-mails. Facebook is unlikely to send notifications from a non-Facebook e-mail address;
  • Look for strange lettering, mistakes, and typos in e-mail text, and assume any message containing them is suspicious;
  • Always log in to your account through the app or by entering the URL in your browser’s address bar (by typing it, not by clicking a link), even if you suspect you’ve received an actual notice of terms-of-service violation;
  • Avoid entering your login credentials on third-party or other pages — but if you did that and lost access to your account, contact customer service immediately. Here are some more handy hints for use in the event of a hack.
  • Install a reliable antivirus that will warn you if you try to open a suspicious page and also guard against malware, data collection, webcam surveillance, and other threats.
