Phishing: A type of scam using fake communication (emails, messages, posts, texts, etc.) that pretend to be from a reputable person or company. The goal is usually to get personal information, like credit cards or passwords, and they often use aggressive or urgent wording.
Links in these messages may lead to realistic-looking fake websites, where they can see what you type into the login section or forms.
There seem to be more “account violation” phishing scams than ever on Facebook these days, usually in the form of an urgent message or post falsely accusing your business of posting copyrighted content or something else that violates a policy.
It can take an eye for detail to tell the difference between real and fake violation messages, but we’ll give you some real-life examples of real and fake notifications, a list of red flags, and some options for dealing with these messages and keeping your peace of mind.
Real Messages vs. Fake Ones
Typically, a real Facebook violation will show up in your Page’s notification section with a gray bell icon next to a Facebook logo profile image, or via email from a “@support.facebook.com,” “@metamail.com,” or “@facebookmail.com” email address.
When a violation is real, you should also be able to see it when you go into your Facebook Support Inbox or Ads Manager settings, depending on the type of alleged violation.
To play it safe, you can go straight to that support inbox or ad settings page to handle any real violations, without clicking on any message links at all.
Facebook scam red flags:
Red flags don’t necessarily mean a message is a phishing scam, but they can help us know when to use caution.
In the screenshot above, we have an example of a real account violation on top. It showed up in the notifications section, has the gray bell icon, and we were able to see it in the Facebook Support Inbox for the page.
Below that is a fake violation. It was sent through Facebook Messenger from an account that named itself “Account Violation” in an attempt to appear legitimate.
Next Steps for Phishing Messages
If you’ve determined that a message is probably fake, don’t click on the link, and don’t reply to the message.
It might be tempting to tell off a scammer, but that could lead to them targeting you specifically and sending even more messages. If you’ve already clicked the link and typed in your password and/or given them financial information, take steps to secure your accounts like changing your password and contacting your bank or credit card company.
What you can do about scam Facebook messages:
See Facebook’s Help Center for the most up-to-date information regarding what to do about phishing, scams, and ways to keep your account secure.