An example of a typical facebook pishing scam email message look like this below.
LAST WARNING : Your account is reported to have violated the policies that are considered annoying or insulting Facebook users. Until we system will disable your account within 24 hours if you do not do the reconfirmation.
Please confirm your account below:
[Link Removed]
Thanks.
The Facebook Team
Copyright facebook © 2011 Inc. All rights reserved.
According to the blog, recipients who click the link are shown a fake Facebook "Account Disabled" Web form. The form asks for Facebook login details including email, password, Facebook security question, Facebook security answer, the first six digits on the user's credit card number, and their country of residence.
Once the form is complete, the victims are taken to a second form labelled "Confirm to your webmail" that requests webmail programme and password. After this, the victims are take to a third bogus form, labeled "Terms of Service." This form again asks for user name and the first six digits of the user's credit card and warns victims that their accounts more or less will be lined up in front of a firing squad and shot at dawn unless they comply.
Another similar Facebook scam purporting to be from Facebook Security claimed to be watching out for users' accounts being accessed by unauthorized parties. Here's the text as per the blog:
Subject: Did you log into Facebook from somewhere new?
Dear [Username removed]
Your Facebook account was recently logged into from a computer, mobile device or other location you've never used before. We have reviewed your account activity, and we get information about possible unauthorized access to your Facebook. We have provided a warning to you via email, but you do not respond to our notification.
"Your account was accessed from a new location : Anonymous Proxy."
If you are not signing into your Facebook account from "Anonymous Proxy", your Facebook account may have been compromised. We recommend immediately verify your account by carefully on the link below to protect your Facebook account. It may take a few minutes of your time to complete your data.
Please be sure to visit the Facebook Service Account for further information regarding these security issues.
***********************************
[link to scam page removed]
***********************************
Note : If within 12 hours, you have not verified your account, then you have ignored our notifications. Therefore, your account is permanently suspended, and will not be reactivated for any reason.
Thanks,
Facebook Security Team
a screen shot below that message contain link to users fake log in page
Once you entered the log in details u will never acces your account agian you may be lose your account.
This email, which purports to be from social networking website, Facebook, claims that Facebook is about to implement a new login system. The message claims that Facebook users must follow a link in the message to update their details before they will be able to use the new system.
we sholud take care the URL of the link hav been in email messages sure that its starts from www.facebook.com
