Scammers love to take over Facebook accounts because people generally trust the posts put up by their friends that appear on their Facebook page. These people forget my motto of “trust me, you can’t trust anyone” and often click on links in these posts or provide information in response to these posts which generally don’t present a problem, but when the post that you think is that of your friend is really from a scammer who has taken over your friend’s Facebook account, the link you click on may download dangerous malware and the information you provide may enable the criminal to make you a victim of identity theft.
There are many ways that cybercriminals take over Facebook accounts, but one that has been occurring recently begins when you get what appears to be an email that reads “Your Facebook account has been disabled for violating the Facebook Terms. If you believe that this decision is incorrect, you may file an appeal at this link.” Sometimes the email implies that the violation is a copyright violation for a post you put up that contained copyright protected music. People clicking on the link to begin the appeal process are taken to an official looking page that asks for your name, username and password. If you provide that information, you have just turned over your Facebook account to a cybercriminal and if you use the same password for all of your online accounts, you have also put yourself in jeopardy as to every account in which you use the same password.
The first thing to always look at when you get an email that requests information or instructs you to click on a link is the email address of the sender. If it has nothing to do with the company that is being represented as sending you the email, the email is a phishing email being sent through a botnet of computers whose email accounts have been hacked and used to send out these phishing emails.
Sometimes, however, the email address of the sender may appear to be legitimate, but even then you cannot trust it. A sophisticated cybercriminal can make the email address appear legitimate when it is not. The best course of action if you are ever asked for personal information or to click on a link is to confirm that the communication is legitimate. The best way to do that is to check with the real company that the scammer is posing as. In this case you could and should go directly to Facebook through its help center where you will learn that this and similar phishing emails are scams. https://www.facebook.com/help
You also should use dual factor authentication so that even if someone gets your username and password, they won’t be able to get control of your account. Here is a link to Facebook’s information about installing dual factor authentication. https://www.facebook.com/help/148233965247823
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/