Facebook, now owned by Meta Platforms, can be a fun place to learn new things, from recipes and product recommendations to what an auntie who you don’t speak to did on her recent cruise.
It’s also a brilliant place to find new potential clients and put yourself in front of an audience who may not even realise that they need your help.
By the way, if you aren’t advertising on Facebook, why not? My blog from last year all about why you should be is still a great read, if I do say so myself.
But there is also a dark side to this popular social media platform…
Beware of scam messages
A growing concern for me is the increasing number of times a client reaches out to us with a notice from Facebook that they are worried about.
Just to be clear, I’m always glad that the client came to us before acting. But these instances are becoming more and more frequent.
Sometimes these messages from Facebook come in an email, text message or even through Facebook Messenger. Regardless of the format, these messages all have one thing in common.
They’re a scam.
These messages are known as “phishing”. This is a technique for attempting to acquire sensitive data, such as bank account numbers, through a fraudulent solicitation in email or on a website, in which the perpetrator pretends to be a legitimate business or reputable person.
Many of our clients have their business Facebook page attached to their personal Facebook.
Does this sound like you?
If so, this means that if you interact with a spam message, all of your private details could be at risk.
Facebook will always contact you by email
Before I dive into some clear signs that point to your message from Facebook being a scam, there is one huge point I want to get across to you. For me, it’s one of the most important points regarding Facebook scams.
Facebook will never contact you about issues with your page/account using Messenger.
It will always be an email.
This means that if you receive a message through Facebook Messenger that you’re concerned about, please press “delete” and move on with your day. It will be a spam message that is just trying to trick you and get your login details.
Aside from it originating on Facebook Messenger, here are three signs that your message is very likely to be a scam. If you encounter any of these regarding your own page/business account, it’s vital that you simply ignore them or speak to Facebook directly.
1. Spelling and grammar issues
The message claiming that your Facebook page has been disabled is a common type of Facebook scam. Scammers often use this tactic to trick users into taking actions that can compromise their accounts or personal information.
Here is an example of a similar message received by one of our clients:
This client received it on Facebook Messenger which was the first sign that it was a scam. But what if you received it via email? Let’s pretend that this is your message, and it was indeed arrived by email.
While messages like this can be concerning, it’s worth taking a deep breath and examining the cold hard facts, regardless of what the message is talking about.
In this case, it’s telling you that your Facebook page has been disabled. Well, this is an easy thing to check! Open the legitimate Facebook app and take a look, instead of clicking on the links in the email.
However, before resorting to taking action, it’s so important that you verify the legitimacy of the message. Check for signs of a scam, such as grammatical errors, suspicious URLs, or generic language.
As you can see in the above, there are some grammatical errors which to me, say loud and clear that this is a scam and fake message.
2. A suspicious sending address
The copyright/terms of service violations scam on Facebook is a deceptive scheme that preys on Facebook Page administrators (that is, you!)
This scam typically follows a similar pattern to the scam above and aims to trick you into taking actions that can compromise your account or lead to financial losses, if your login details or bank details are obtained.
Scammers often go to great lengths to impersonate Facebook’s branding and design, making the message appear more convincing. They may use official Facebook logos, colours, and fonts which can make it even harder to know if the message is legitimate.
This is an email one of our clients received and they were concerned.
This email doesn’t look too bad, right? There are no grammar issues, the spelling is correct, the wording is very robotic but professional and the link they have included appears to be a link from Facebook.
The big red flag here wasn’t in the email body. It was the sender.
The email address it was sent from was email@example.com – clearly not a Facebook account.
If the sender’s email address is not quite the same as the supposed sending company, that’s a very large red flag. A message from an address at paypal.com may be completely legitimate. An email from paypal-acount-verefy.com probably isn’t.
If Facebook ever wants to contact you by email, their email address will be @facebookmail.com or, if it’s from their support team, the email address is @support.facebook.com.
If an email address looks dodgy, it usually is.
3. Asking for personal information
Facebook typically does not ask users for personal information, especially sensitive information like passwords or financial details, through email. Facebook follows standard security and privacy practices, and they do not request such information through email communication.
If you receive an email that appears to be from Facebook asking for personal information, it’s essential to be cautious.
One common scam to watch out for is the “Facebook account recovery code” phishing email.
This deceptive email is designed to look like an urgent message from Facebook providing you with a six-digit code to change your password. If you didn’t request the change, (which is always the case), it provides you with a blue box which you can click and provide your current password to then change it.
This is a complete scam designed to trick you into giving up your login details. Once scammers gain access, they can take over your account for criminal activity.
If you received a Facebook password reset email that you didn’t request, if it isn’t a scammer with fraudulent intentions, it’s also a possibility that someone accidentally entered your email or username when attempting to log in to their own account.
This often happens if you have a popular username or email address. As long as you don’t click the link to reset your password, no action will be taken, and your account will remain secure. If you didn’t request it, do not click it.
Navigating the world of online security can feel like constantly dodging bullets and it’s very easy to feel overwhelmed.
However, we are always very glad when a client emails us asking about the validity of a notice from Facebook because it means that they trusted their instinct and the same can be said for you!
The main piece of advice I can give you, encompassing everything written above, is if you feel uneasy or unsure about a message from Facebook, then do not act on it. Either completely ignore it or speak to Facebook directly to ask if it was legitimate.
Nothing is worth your personal information being stolen.
Stay vigilant, stay calm and you’ll be absolutely fine.
Get in touch
If you’d like to explore how Facebook advertising can benefit your business, we’re happy to help. Email firstname.lastname@example.org or call 0115 8965300.