Fake Facebook Security pages are quite a common sight, and there’s a “Your page will be disabled unless…” scam in circulation at the moment on random Facebook comment sections which you should steer clear of.
The scam begins with a message like this, courtesy of Twitter user Alukeonlife:
Warning!!! Your page will be disabled. Due to your page has been reported by other users. Please re-confirm your page in order to avoid blocking. You violate our terms of service. If you are the original owner of this account, please re-confirm your account in order to avoid blocking.
If the multiple exclamation marks and generally terrible grammar didn’t give the game away, the following request certainly might:
To complete your pages account please confirm Http below:
Note that they use the Linkedin URL shortener, which is somewhat unusual – perhaps the scammers think people are growing suspicious of endless bit(dot)ly and goo(dot)gl URLs being sent their way, and are attempting to throw a business-centric sheen on their shenanigans. They won’t get away with it without a fight, however – Google Safe Browsing flags the final destination as a dubious website: and fires up a “Deceptive site ahead” warning:
As for the scam page itself, which is located at
report-fanpage(dot)gzpot(dot)com/Next/login(dot)htm
it looks like this:
!! Warning Page !!
They just can’t stop with those exclamation marks, can they? Anyway, the page asks for Email / Phone, Password and date of birth.
With most Facebook scams, the ride would end here – in this case, we have a little further to travel (and it’s nowhere good).
After harvesting your Facebook credentials, they then go after payment information:
They ask for card number, expiration date, security code, post / zip code and country. It reads as follows:
Upgrade your payment
Should the victim enter their information and hit the button, they’ll be forwarded on to the real Facebook Security Facebook page. There’s also a “Confirm Paypal” button which leads to a phish for that service, too:
The above page is located at
report-fanpage(dot)gzpot(dot)com/Next/paypal(dot)com(dot)htm
Make no mistake, this is one phishing scam that could cost you a lot more than your Facebook login. Should you be sent any attempts at panicking you into entering your logins on a so-called “Security Page”, you should give both destination URL and comment sender a very wide berth.
Christopher Boyd
