Facebook Messenger Scam: What Happens When You Click the Link
We sift through the link in a Facebook Messenger phishing scam to discover what they're really about, so you don't have to.
A widespread phishing scam has been circulating on Facebook for some time, becoming increasingly irritating, as evidenced by the messages we’ve received. We’ve decided to write an article about it, explaining what it is, so those reading won’t be deceived by it.
This scam involves a message on Facebook Messenger, falsely alarming you about the status of your Facebook account. It conveys a sense of urgency, suggesting immediate action to prevent your account from being locked or terminated by Facebook.
These scam messages come in various forms. Typically featuring a Meta logo or a generic support-related icon, these scams falsely claim that your Facebook page has violated copyright laws or Facebook’s policies. They either urge immediate attention in the title or in the subject line.
Below are some examples:
If you ignore these messages, the senders’ names usually change to ‘Facebook user‘ after some time and their messages become unavailable once they are reported by other users.
Out of curiosity, we decided to click on one of these messages to find out its motive and where it would lead us. Here’s a sample of how one of the messages looks.
Red flags are usually raised when there’s a link, especially if it seems dubious and doesn’t originate from meta.com or facebook.com, but rather from some random or imitative website.
If you receive such a message, avoid clicking any links and report them as spam.
The message, allegedly from MetaCopyright Appeal, claimed we needed to resolve a copyright issue by clicking a link to talk to Meta support. The sender, displayed a Meta logo and led to an almost empty Facebook profile page.
We followed the link and it redirected us to a phishing landing page resembling the Meta business help center, where the only option is to click on “Contact Support”.
Clicking on it opened a new window with another strange URL, looking like the following. Your only choice here is to contact the support team, so we click next and proceeded.
Next, you’re asked to enter your phone number, email address, birthday, and click submit – these are supposedly required to address your issue.
After providing this information, you are then asked to enter your Facebook password.
We entered a fake password, which then initiated a “validating information” process.
This validation took a long time and ultimately stated “password not correct”. We suspect that during this so-called verification, it tries to log into the Facebook account or attempt account recovery using the information provided earlier.
So, if you receive such messages in Messenger, report them as spam and block the sender. Clicking on the link and providing the requested information could lead to your Facebook account being compromised and taken over.
Stay vigilant and safe!