Claim: Facebook is about to close your account, citing violation of its policies.
[Collected via e-mail, November 2011]
WARNING : Your account is reported to have violated the policies that are considered annoying or insulting Facebook users. Until we (http://www.facebook.com/security) system will disable your account within 24 hours if you do not do the reconfirmation.
If you still want to use Facebook, Please confirm your account below:
The Facebook Team
Origins: In September 2011, people began receiving startling missives in e-mail that purported to be from Facebook's security department. Those notes accused recipients of having violated the popular social networking site's terms of service (presumably by their having acted in an "annoying or insulting" manner toward others) and threatened them with the loss of their Facebook accounts if they failed to carry out the "reconfirmation" process those e-mails called for. Such messages were variously signed "The Facebook Team" or "Facebook Security" and contained links to web pages where the reconfirmation process was to be carried out.
These demands should have set internal alarm bells clamoring in those who received them. Were a Facebook user deemed in violation of that entity's terms of service and in imminent risk of losing his account for having acted miserably toward others, Facebook wouldn't be looking to clear up the matter by having him enter his personal data onto forms; it would instead either be terminating his account or extracting from him a promise to henceforth use the service responsibly and according to its rules.
Anyone whose fear of losing access to his social network account led him to comply with the e-mail's stated demands found himself greeted with this message on a Facebook look-alike page:
Warning account disabled
Please review your recent activity to make sure no one is using your Facebook account without permission. Reviewing your activity just take a few moments. We'll start by asking you a couple of questions to confirm that this is your account.
Thank you for helping us in improving our level of security.
That same page contained a form that asked for the user's e-mail address, password, Facebook security question and its answer, the first six digits of the user's credit card number, type of credit card, and country. Anyone who completed it was next taken to another that requested he "confirm to your webmail" by entering both its type and the password for his e-mail account. If that form was completed and clicked upon, yet another came up that required his user name, type of credit card, and the first six digits of that financial instrument. The rationale given at that point was "For reasons of security and ownership of the account, sometimes we ask for additional verification before we allow you to get into facebook." In case that wasn't enough of a push, "If you ignore this warning then our security system will block your account automatically."
Those who completed the three forms were then taken to the real Facebook.
It was all a scam, of course — the threatening missives were not from Facebook, and the frightened user was at no risk of losing his account. Internet security firm Sophos said, "The emails are entirely bogus. They are not coming from Facebook. Social media venues would not request financial information, nor would they request login details."
The purpose of the ruse is to collect credit card information and login information that those running the con can then use to carry out identity theft.
Spammers and scammers sometimes send phony emails that have been made to look like they’re from Facebook or another reputable website. These emails can be very convincing, and the "From:" field can even be spoofed to include "Facebook" or "The Facebook Team."
If an email looks strange, don’t click on any of the links in it, and delete it from your inbox immediately. Be especially wary of emails that ask you to update your account, tell you to open an attachment, or warn you to take some other urgent action.
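The warning signs described above (a "Facebook" display name on a sender address outside Facebook's domains, links that lead off those domains, and a demand for urgent action) can be checked mechanically. The Python sketch below is an added example, not part of the original article; the trusted-domain list, the sender address and the link target in the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: domains treated as genuinely Facebook's for this illustration.
TRUSTED = ("facebook.com", "facebookmail.com")
URGENCY = re.compile(r"within\s+\d+\s+hours|disable\s+your\s+account|confirm\s+your\s+account", re.I)

def on_trusted(host):
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in TRUSTED)

class LinkCollector(HTMLParser):  # gathers the http(s) href of every <a> tag
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href") or ""
        if tag == "a" and href.lower().startswith(("http://", "https://")):
            self.hrefs.append(href)

def phishing_indicators(raw):
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    body = msg.get_payload()
    found = []
    # Display name claims Facebook but the address is on another domain.
    if "facebook" in name.lower() and not on_trusted(addr.rpartition("@")[2]):
        found.append("from-display-name-mismatch")
    links = LinkCollector()
    links.feed(body)
    # A link in a "Facebook" message that leads off Facebook's domains.
    if any(not on_trusted(urlsplit(h).hostname) for h in links.hrefs):
        found.append("link-off-domain")
    # Pressure to act immediately, as in the quoted warning.
    if URGENCY.search(body):
        found.append("urgent-action-demand")
    return found

# Constructed sample: wording taken from the quoted e-mail; the sender address
# and link target are placeholders, not values from the original message.
SAMPLE = """From: "The Facebook Team" <security@mail.example.net>
Content-Type: text/html

<p>... system will disable your account within 24 hours if you do not do the
reconfirmation. Please confirm your account below:</p>
<a href="http://reconfirm.example.net/login">Confirm</a>
"""
```

Calling `phishing_indicators(SAMPLE)` reports all three indicators. Matching on the end of the hostname, rather than searching for "facebook.com" anywhere in it, keeps look-alike hosts such as `facebook.com.example.net` from passing as trusted.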