PSA: Facebook page admins, beware of this elaborate scam

Having a social media presence is important these days especially when it’s one of the main channels of reaching your customers or community. Losing your Facebook page due to policy violations is something that should be taken seriously and it appears that scammers are now using an elaborate tactic to trick Facebook page admins into giving away their login credentials. If you are managing several Facebook pages, this is something you should take note.

Recently, we’ve received an email claiming that our Facebook page has violated one of more of Facebook Page’s terms. Without providing much information on the actual “violation”, the email directs you to a Facebook URL where you can supposedly file an appeal.

As shown above, the email was sent from a different domain name although it is signed off as “Facebook Support”. If you click on the link, it goes to a Facebook page which carries the same message. For the initiated, this looks legit but this is actually a Facebook “Notes” page which anyone can create from a Facebook page.

What’s scary is that they can disguise a URL which links to another location. As shown below, the supposed link to file an appeal, actually links to a bit.ly URL instead of an official Facebook page.

If you click through, it lands on a different website that pretends to be a Facebook page. The page which has a typical Facebook Help Centre interface shows an “Appeal Page Policy Violation” form which will requires you to provide your email address, page URL and your password.

This is obviously a scam to trick users into passing over their Facebook login information. If you provide your email and password through these fake forms, the attacker could hijack your Facebook account and pages. Once they have control, they can misuse your account to scam your contacts and followers.

If you’re a Facebook page owner, we would want to remind you to be aware of such phishing tactics. Always check on the Facebook platform itself instead of clicking on a link from an email or other channels outside of Facebook.

To prevent the scammers from targeting other victims, you can do your part by reporting the email or the Facebook page for scam or misleading activities. If you’re using Gmail, you can report the email as a Phishing Message for their internal review.

How to avoid getting scammed?

  1. Always double check the source of the message
    The first indicator is to check where the message is from. If you’re notified by email, make sure it is genuinely from the platform itself (e.g. facebook.com) and not some other email addresses. Alternatively, you can clarify with the platform through the official support channels.

    In the case of Facebook, they would usually notify you of any errors or violations on the Facebook platform itself. Similarly, on YouTube, there will warn you of any copyright or violations via YouTube Studio.
  2. Verify the URL
    Sometimes looks can be deceiving. Although the displayed URL looks legit, you can mouse over to see if it is linked to a different page. Even if you accidentally clicked on it, do look at the URL bar to notice any changes in the domain name. Like the example given above, the supposed Facebook.com link goes to a random ngrok.io URL.
  3. Look out for verified badges and labels
    This tip is important to detect scam promos by pages that pretend to be from genuine brands. This include fake KFC pages which promises to offer free vouchers or meal when you join a survey. At first glance, it is hard to tell because these fake pages have ripped off same official images from the official site.

    Before you proceed, do take a look at the actual Facebook page and see when it’s created and whether it has the verified blue tick. In most cases, the scam pages are created recently and it has hardly any followers.

Related reading

Recent Posts

GX 2.0: GXBank continues to offer unlimited cashback with some tweaks

GXBank turns one and they have revealed its latest features and initiatives for its next…

11 mins ago

MG ZS EV now available for RM99,999: The cheapest electric SUV in Malaysia

You can now get an MG ZS EV for as low as RM99,999, making it…

52 mins ago

Prime Minister’s Department: Over 1,500 cyberattacks launched at ministries’ infrastructure systems

There have been over 1,500 cases of cyberattacks launched against Malaysian ministries' infrastructure systems in…

6 hours ago

Malaysia’s largest DC charging hub is opening soon at Iskandar Puteri, Johor

DC Handal is expected to unveil what appears to be Malaysia's largest EV charging hub…

21 hours ago

Realme GT 7 Pro coming to Malaysia as first smartphone with Snapdragon 8 Elite chip, launching 18th November

Realme has debuted its latest flagship smartphone, the Realme GT 7 Pro in China, featuring…

22 hours ago

Malaysia to kill off NGVs in 2025 due to safety concerns

Malaysia will ban natural gas vehicles (NGVs) on 30 June 2025. Subsequently, no new natural…

23 hours ago

This website uses cookies.