Cyber criminals are using fake Facebook Security Team messages to trick unsuspecting users into visiting a malicious page and hand over their usernames and passwords.
The message offers a link for verifying the account, and it takes users to a third party Facebook application that requests them to enter their Facebook page name, email or phone and password.
If entered and submitted, that information is automatically sent to the scammers behind this phishing scheme and used to hijack the account.
If you have fallen for the trick, try to access your account. If you are able to do so, change your password immediately. If you have already been locked out, report the compromise and Facebook will help you regain control of the account.
“Anytime you see a Facebook page in the following format: apps.Facebook.com/app_name_here/, you should know that you are NOT dealing with an application created by Facebook,” Facecrooks advises. “Scammers use official sounding page names, applications and links to make their schemes appear legitimate to unsuspecting and ill-informed users.”