"A Man Jumped on the Mall" Facebook Scam

“Copyright Violation” Facebook Phish

Copyright warnings appearing out of the blue can be vaguely terrifying at the best of times, and we’ve spotted a phishing scam using them as a launchpad for data theft.

The name of the game is worrying the potential victim into clicking on the supplied link, with a curious mix of copyright violations and account verification.

Here’s an example:

Copyright message

The message reads as follows:

Hi

We received reports that you're making copyright violations on your Facebook page. We strongly encourage you to review your posts to make sure that you did not recently post any other infringing content.

Please review your posts and become more careful about your posts. Additional violations of our features will result in your account being permanently disabled.

If you think this is a mistake, please verify your page on the link below.

apps(dot)facebook(dot)com/1706820689590690

Note: if you don't verify your page within 48 hours in the link above we will remove your page from Facebook.

Thanks, Community of Facebook

As you may have guessed, Facebook does not issue copyright notices then direct you to apps pages. The Apps page on offer here is a “Get Verified” effort, complete with request for name, email / phone, password, profile link and “comments”:

Facebook pages - get verified

Facebook pages - this appeal form is to help account owners to verify ownership of their accounts. Please be careful by filling out this form, you must put valid data on all the fields. We made the form for:

Developing a customized strategy for helping account owners, guiding you through the process of verifying your rights, helping you track and optimize your access logs of your account. If you received an email or message to your account or to your page to verify your ownership., you are obligated to fill out this form.

We reported the page to Facebook, and it is now offline.

All gone

Verify your account scams are fairly old, but throwing tall tales of copyright issues into the mix for that extra sheen of panic isn’t quite as common.

Always do your best to keep your logins safe and, if in doubt, go to the site owners directly – never enter your credentials into a link sent your way in random Facebook messages.

Christopher Boyd (Thanks Cecile).

 

ABOUT THE AUTHOR

Christopher Boyd

Former Director of Research at FaceTime Security Labs. He has a very particular set of skills. Skills that make him a nightmare for threats like you.