Facebook users have alerted me to some worrying looking unsolicited direct messages they have been receiving today.
The messages, which purport to come from “FB Customer Care” warn that the unsuspecting victim is due to be “disconnected from our server due to several violations”. The nature of the violations is unspecified, but helpfully the scam artists (for that is indeed what they are) do offer a link where you can “Confirm your identity”
If a user is concerned enough to click the link in the message they will be taken to a replica of the Facebook website claiming to represent Facebook Security. As you can see from the screen grab below, it’s not just about Facebook credentials. These enterprising fraudsters are also after your date of birth and email credentials too!
I have already alerted the incident handlers at Facebook about these scam mesages and now I’ve alerted you. If you’re using Trend Micro we are already blocking access to the related phishing sites.