Fake Facebook Security Team Sent Out Phishing Messages

facebook securityJust when we had rumors spreading on Facebook charges not long ago, there is another IT security attack on Facebook again using the fake Facebook Security Page. This round of attack apparently is going to be a more serious attack as this attack will result in stealing Facebook user’s password. The previous one, it was just generating rubbish on the site to create some sort of Human-Worm. What the attacker do this time was to send phishing messages to the users and lure them to the fake Facebook Security page. The message goes this way:

fb-phishing-messageThe message started by saying that your accounts will be suspended due to some violation of the terms and condition. Commonly, if they direct ask the users to click on certain link might not possibly work. Hence they pretend that they have sort of make some mistake on the second paragraph to lure the users to click on the link. They also give the timeline as well because their fake Facebook Security page might not last long as the legitimate one is going to find out soon enough. As long as the user clicks on those link, it is going to redirect them to a page where it needs an array of their information as shown below:

The Information That The Fake Facebook Security Seeks

facebook-phishingWhat happens after you confirm your details is that your details will be sent to the attacker. The attacker will then be able to login into your Facebook account with the details that you had just provided. If you happen to have a friend who had just been attacked with this phishing attack, do remind them to change their account password. If you read carefully on the URL, there is some spelling mistake on the word ‘suport’ instead of ‘support’. There is another version of scam though which looks like this:


The other scam claims that you are using some unknown proxy. The trick of phishing attack remains the same where they will use a link to redirect you to a fake page. However, they key here is to check whether the particular Facebook Security page is legitimate. The fake page looks like this:

Fake Facebook Security Page

fake-fb-securityNotice that the name of the page is not a standard ASCII character. It is some non-standard character which is used to stay away from the detection of Facebook and at the same time, able to perform the usual phishing. If you require any necessary guide on phishing attack, you can always refer to how to detect and combat phishing attack.

Also, don’t forget to join the IT Security Column Facebook page to keep you updated on the latest IT security news.

Build Your Own Security
Subscribe to my newsletter and get a copy of my eBook for free.
We hate spam just as much as you

Related posts:

  1. Facebook is Starting to Charge
  2. Beware: Phishing Attack Hits Paypal
  3. Tumblr Bloggers Hit by Phishing
About Alan Tay

This blog is owned and operated by myMediaInc. My Media operates content based online portals for IT professionals, technology managers and decision makers as well as business leaders. We publish original quality content focused in Software Development, IT Security, SaaS, Cloud Computing, Outsourcing, Project Management and Mobile and Wireless. Our mission is to explore how to help you optimize your resources in each of these areas.

Find us here IT Security Column.


  1. Diane says:

    So how do I remove this from my friends list without going to their profile to delete them?

    • Alan Tay says:

      Hi Diane,

      Without going to their profile, I am not sure it is possible or not. But generally you have two options here where you can either ‘Unfriend’ from them or just ‘Block them’. You can do that by clicking on their profile page, locate the ‘unfriend’ or ‘Report/Block this person’ links at the most bottome side of the left side bar.


Speak Your Mind


CommentLuv badge

This blog uses premium CommentLuv which allows you to put your keywords with your name if you have had 3 approved comments. Use your real name and then @ your keywords (maximum of 3)