Click Here To Schedule a Free Consultation
How does the attack happen?
‘The attackers start by sending a message, sometimes in an email and more recently through Facebook messenger. The message can claim several different things like “Your page is scheduled for deletion because it violated our Community Standards” or some variation on this message.
The Facebook messenger message below has a similar message. The Facebook messenger message below says that we need to “Important announcement from Facebook.” Notice that the icon being used is the Meta logo. These messages will all claim to be from an official Meta support person or Facebook Support team.
Then, regardless of what type of message it is, these messages always have links. The attackers will have a link in the message that they say allows you to “Appeal the Violation of the Community Standards” or in this case, “Request for Review”. When you go to this link the attackers will have a form for you to fill out with your personal information or they may ask you to log in to your Facebook account. These forms or login are fake and the attacker will capture this information to access your accounts.
With a form like below, they will ask for your contact information, take this information (like name, email, phone number) and contact you pretending to be from Meta. They will then try to get more information from you such as login credentials or even payment information if you have ad accounts.
How do you avoid these phishing attacks?
Look closely at the URL.
If the URL doesn’t start with facebook.com then it’s not a legitimate link. some links may have Facebook or Meta in the link but the root domain must start with facebook.com. No other root domain will be real.
Never Click an Unknown Link
Never click a link from a message or email unless you are 100% sure you know the sender. It doesn’t matter how professional the email looks. Do not click on links that you have ANY question about.
Log in to your Account
Log in to your account instead of trusting a link. You will see notifications inside your business page or in your business manager if there are actual issues with your page or account.
Never Share Information Online
Don’t share your personal or business information online. Ever! Facebook or any other social network will not ask for your personal information. They already have it! The pages and forms will look very professional and often are exact replicas of pages inside of Facebook. Don’t be fooled.
What to Do if You Fall Victim to a Phishing Attack
Change Your Passwords
Immediately change your Facebook password and the passwords of any other accounts that share the same or similar credentials. Use strong, unique passwords for each account.
Check Account Activity
Review your recent Facebook activity. Look for any posts, messages, or changes you didn’t make. This can help you understand the extent of the breach.
Alert Friends and Family
Notify your contacts that your account was compromised. This is crucial as scammers may try to impersonate you or send malicious links to your friends.
Report to Facebook
Use Facebook’s reporting feature to inform them of the phishing attempt. This helps them take actions to prevent further scams.
Scan for Malware
Run a full scan on your device with a reputable antivirus program. Malware is often used in conjunction with phishing attacks. ESET is my go to antivirus and malware scanning program.
Contact Financial Institutions
If the scam involved financial information, contact your bank or credit card company immediately to alert them of potential fraud.
Keep records of all communications related to the scam. Tale screenshots of any page you visit, copy messages and emails from both attackers and Facebook or Meta. Be sure to keep track of any communication you have with your financial institutions if necessary. This can be helpful for any potential legal or recovery processes.
You want and need to have your business online. Facebook is one of the best places online ot get exposure for your business. However, this comes with the risk of hackers trying to steal your information and damaging your buisness page and possibly your personal profile. Follow the advice in this article, stay on top of the latest risks and safety practices on Facebook and any other platform you have presence. This gives you the best chance at having a great experience with your business online.