Don’t Get Hacked! Here’s How to Spot the Most Recent Facebook Scams
Last week the Connecting Directors Facebook page received an intimidating direct message from Meta Security Team. Apparently, our page had been “permanently disabled,” and we needed to click a link within 24 hours to “confirm our account.” Oh no! Not the Meta Security Team! Wait … there’s no Meta Security Team … and why is there a grammatical error in the message?
This direct messages is just one example of the scams circulating around Facebook. While scams of all kinds have always been around, lately we’ve noticed a significant increase in scams on our Facebook business and personal pages.
It’s all too easy to get duped these days. Scammers seem to be getting more and more sophisticated with their tactics and attempts to get access to your personal and private information. Falling for their tricks can have disastrous consequences, from losing access to your page to having your business profile completely defaced to finding that your credit card has been used to rack up sizable unauthorized ad spend. These scams are called “phishing” because the bad guys are just hoping you’ll take the bait and they’ll catch some juicy details like your bank account number or client list.
Recovering from a scam can take a lot of time, a lot of effort, and, unfortunately, a lot of explaining and apologies to your followers. The best way to prevent being hacked is to learn how to identify a scam in the first place.
Types of scams
The direct messages the Connecting Directors business page has received are just one example of the scams making the rounds recently. Here are some others you might come across:
- Fake pages or personal profiles sending DMs claiming to have purchased something from you and complaining about customer service or wanting a refund.
- DMs asking to check out one of your products with a message that includes a .RAR or .ZIP file encouraging you to click or download.
- DMs alerting you about a password change to your company email.
- Fake pages tagging your page or sharing your posts, claiming that you’ve violated Meta’s terms and threatening to shut down or permanently deactivate your page.
Sure, receiving a message from “Meta Security Team” is intimidating, and can definitely put the fear of Zuckerburg in you. You should know, though, that Facebook or Meta definitely do not alert you via tagged posts or shares, and only very, very rarely would you ever receive a DM directly from them. If you do, it won’t be about violations.
According to Facebook’s Transparency Center, “If your content goes against the Facebook Community Standards or Instagram Community Guidelines, Meta will remove it.” A notification like the one below will appear in your Feed when you log in … not in your DMs or in a post.
What to watch for
In addition to the grammatically incorrect “our Your” error in the fake message we received on our Connecting Directors page, there are other things that can serve as dead giveaways to a scam:
- Misspelled words, extra spaces, and nonsensical phrases
- A sender or user named “Facebook User” with no profile image
- An odd-looking URL that has nothing to do with Facebook or Meta. (Be careful, though, because the scammers are good at creating URLs that might look legit.)
- An image similar to Meta’s logo but not quite right (for example, it’s upside down)
- Extra-long Facebook Page names that include some kind of page violation warning or contain something slightly reasonable like “Community Standards.”
EVERY single weird-looking direct message, post on your wall, tag from a fake page, even a share from a fake page are ALL big fat scams. NONE of it is legit. Not one. Ever. So there’s no need to have any doubt as to whether something is legit or not. It’s not.
If, even after this warning in all caps and bold print, you’re still not convinced the sketchy message is a scam, feel free to Google it using some of the words in the message (just don’t type in the exact URL they’ve included!). For example, for these messages we Googled “Meta Security Team Facebook message” and immediately recognized that the top results were from malware organizations warning against this particular scam:
What to do if you suspect a scam
If you believe you’ve received a DM or post that’s a scam, here’s what to do next:
- DELETE the message or post
- IGNORE the message or post
- NEVER, EVER CLICK the links within the post.
- REPORT the message or post to Facebook.
- BAN or BLOCK the profile or page.
Along with avoiding clicking any links yourself, NEVER copy the DM or post and share it in any groups or elsewhere with the actual live link. This perpetuates the scam and leaves others at risk if they were to click the phishing links.
Are you a DISRUPT Media client?
If you’re a client of DISRUPT Media, rest assured that your Facebook account is in good hands. We’re already deleting, blocking, and reporting these scams for you as they occur.