Over the years, readers may have seen scam email messages sitting in their spam folders that claimed to be from social media companies. One such scam message that looked to be from Facebook (but wasn't) had a subject line that claimed: "Someone tried to log in to your account." The subject line often ended with an 8-digit ID number.
Such Facebook email scams can lead to phishing, identity theft, and other dangerous outcomes. We strongly recommend against clicking links in any such messages.
The emails often looked something like the message below:
Most of the messages had a greeting followed by the words: "A user just logged into your Facebook account from a new device iPhone 11 Pro. We are sending you this email to verify it's really you." We also saw a variation of the message that mentioned a different device: "iPhone 12 Pro Max."
However, the social media company does not send out messages like these with buttons that say "Report the user" and "Yes, me." It's an email scam.
While the message might appear like a legitimate email from Facebook, there's one way to know for sure. Readers can look at the "From" part of the email in order to determine if it came from a legitimate Facebook email address. In this case, it came from a strange email address ending in "secomag.za.com." We saw another of the scam emails with "tuufisz9capmuourwp75.designclub.uk.com." Neither of these is an official Facebook email address, meaning that it's a scam.
So what do official Facebook email addresses look like? Addresses ending in facebook.com, fb.com, and facebookmail.com come from three trustworthy email domains that are owned by Facebook. If readers receive an email that is legitimately from one of these domains, then it is not a scam.
For example, Facebook's Help Community once confirmed that the email address firstname.lastname@example.org is trustworthy and is not involved in scams.
At the same time, if an email displays one of the official email addresses, it's advised to click or tap any arrows or dropdowns next to the email address at the top of the message. Once that area is expanded, it'll show whether the displayed email address matches the real one.
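The sender check described above can also be run against a message's raw headers. The following is an added example, not part of the original article: it separates the display name from the real "From" address and compares the address's domain with the three domains listed above. The function names and the sample messages are assumptions made for illustration; only the two scam domains and the subject line come from the article.

```python
from email import message_from_string
from email.utils import parseaddr

# Domains the article lists as owned by Facebook.
OFFICIAL_DOMAINS = ("facebook.com", "fb.com", "facebookmail.com")


def is_official(domain):
    """True for an official domain or a subdomain of one.

    Matching the right-hand end with a leading dot means that
    'facebookmail.com.example' and 'notfb.com' do not pass.
    """
    domain = domain.lower().rstrip(".")
    return any(domain == d or domain.endswith("." + d) for d in OFFICIAL_DOMAINS)


def classify_sender(raw_message):
    """Return (real_sender_domain, verdict) for a raw RFC 5322 message."""
    msg = message_from_string(raw_message)
    # parseaddr splits 'Display Name <user@host>' into its two parts.
    display, address = parseaddr(msg.get("From", ""))
    if "@" not in address:
        return ("", "no usable From address")
    domain = address.rpartition("@")[2].lower()
    if is_official(domain):
        # A From header can be forged, so this is a first check only.
        return (domain, "official domain")
    if "facebook" in display.lower():
        return (domain, "display name says Facebook, address does not")
    return (domain, "not a Facebook domain")


# Constructed sample messages (local parts and bodies are made up).
SAMPLES = [
    "From: Facebook <notification@secomag.za.com>\n"
    "Subject: Someone tried to log in to your account\n\nbody",
    "From: Facebook <noreply@tuufisz9capmuourwp75.designclub.uk.com>\n\nbody",
    "From: Facebook <security@facebookmail.com>\n\nbody",
]

if __name__ == "__main__":
    for raw in SAMPLES:
        print(classify_sender(raw))
```

An "official domain" verdict only means the address text matches; whether the message was really sent by that domain is decided by the mail provider's SPF, DKIM and DMARC checks.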
In sum, do not click any links if you receive the Facebook email scam that claims "someone tried to log in to your account."