Facebook Phishing Campaign

Watch For Scams is dedicated to helping you avoid becoming a victim of fraud.

If you like this ezine, do a friend a big favor and forward this to them. If a friend forwarded this to you, and if you like what you read, please subscribe by visiting the link below:

Subscribe Here

Facebook Phishing Campaign

The scammers stole one million credentials in four months to help achieve the above potential level of revenue. One of the scam pages from 2021 attracted no fewer than 2.7 million users, with the number rising to about 8.5 million in 2022.

How it Works

Seen this?

Is this you in the photo?

Guess who died?

Check this out!

The link is shortened to help bypass any Facebook spam filters. This makes it trickier for Facebook to figure out if the link is potentially good or bad.

The link takes potential victims to a variety of sites but a phishing page will be the primary destination. Once phished, the victim is sent elsewhere. It could be a promotion, a survey scam, or pretty much anything else that’s ad-centric. All these links have ad trackers and other ad-related forms of revenue generation buzzing away in the background.

Tips to avoid Facebook phishing

If you’re presented with a “Login to view content” box, take a deep breath before going any further. If you’re already logged in, there should be no reason why you’d be asked to login again. Check the URL. Are you on Facebook.com, or an unrelated website?

Enable 2-factor authentication (2FA). If you hand over your password to a phishing page, the phisher can’t do much with it while you’re protected with 2FA. Keep in mind that some phishing sites will also try to steal your 2FA codes.

Add login alerts to your Facebook account. If someone does compromise your login credentials and access your account, you’ll be notified by Facebook as soon as this happens.

Remember - always watch for scams!