Back to Back Issues Page
Watch For Scams Newsletter. Facebook Phishing Campaign
June 22, 2022

Facebook Phishing Campaign

Watch For Scams is dedicated to helping you avoid becoming a victim of fraud.

If you like this ezine, do a friend a big favor and forward this to them. If a friend forwarded this to you, and if you like what you read, please subscribe by visiting the link below:

Subscribe Here

Facebook Phishing Campaign

Facebook is once again the launchpad for a large-scale phishing campaign. The campaign, which first showed signs of life back in September 2021, has generated millions of page views and ad referral revenue estimated to be millions of USD at this scale of operation.

The scammers stole one million credentials in four months to help achieve the above potential level of revenue. One of the scam pages from 2021 attracted no fewer than 2.7 million users, with the number rising to about 8.5 million in 2022.

How it Works

A Facebook user receives a notification in Messenger. This is a rogue link. There’s no information around whether a message accompanies it, and if so, what it says. However, something as simple as the below messages are routinely used in Facebook scams:

Seen this?

Is this you in the photo?

Guess who died?

Check this out!

The link is shortened to help bypass any Facebook spam filters. This makes it trickier for Facebook to figure out if the link is potentially good or bad.

The link takes potential victims to a variety of sites but a phishing page will be the primary destination. Once phished, the victim is sent elsewhere. It could be a promotion, a survey scam, or pretty much anything else that’s ad-centric. All these links have ad trackers and other ad-related forms of revenue generation buzzing away in the background.

Tips to avoid Facebook phishing

Be wary of messages which don’t follow the natural flow of a conversation. Messages sent at unusual hours or out of the blue with a link should be treated with caution.

If you’re presented with a “Login to view content” box, take a deep breath before going any further. If you’re already logged in, there should be no reason why you’d be asked to login again. Check the URL. Are you on, or an unrelated website?

Enable 2-factor authentication (2FA). If you hand over your password to a phishing page, the phisher can’t do much with it while you’re protected with 2FA. Keep in mind that some phishing sites will also try to steal your 2FA codes.

Add login alerts to your Facebook account. If someone does compromise your login credentials and access your account, you’ll be notified by Facebook as soon as this happens.

If you believe you have been a victim of this type of scam you should promptly report it to the IC3's website at The IC3's complaint database links complaints together to refer them to the appropriate law enforcement agency for case consideration.

Remember - always watch for scams!


Back to Back Issues Page