Administrators of some Facebook business pages have recently been receiving alarming messages from accounts that appear to belong to Facebook staff members letting them know their page will soon be deleted.
“Important Notification: Your Facebook page is scheduled for permanent deletion due to a post that has infringed upon our trademark rights. We have reached this decision after a thorough review and in accordance with our intellectual property protection policies,” a portion of the message says.
There is a link in the message for the recipient to click on if they choose to appeal the deletion.
VERIFY received the message in our inbox, and posters in this Reddit thread said they received messages with nearly identical text.
THE QUESTION
Is a Facebook message about business pages being deleted legitimate?
THE SOURCES
- Better Business Bureau (BBB) Scam Tracker
- Blog posts from MalwareTips.com, a website about cybersecurity and privacy
- VERIFY analysis of the Facebook message
- University of Denver Information Security Department
THE ANSWER
No, Facebook messages about business pages being deleted are not legitimate. This is a scam.
WHAT WE FOUND
According to the Better Business Bureau’s (BBB) Scam Tracker, this message is a type of phishing scam. The exact text of the message received by VERIFY was posted on the scam tracker and reported on Dec. 13, 2023.
Phishing scams are a type of cyber security attack. Scammers target individuals through email, text messages, phone calls, or other forms of digital communication.
The BBB says the goal of these kinds of cyber attacks is to “mislead recipients into providing personal information that the scammer will use to gain access to bank accounts or steal recipients’ identity.”
Before clicking on the links in the message, VERIFY hovered our cursor over the link to view the full URL and also Googled a portion of the shortened link. We found the shortened link doesn’t redirect or contain any official link to any Facebook or Meta support page, which is a red flag and indicator this is a scam.
When we eventually clicked the link using an incognito browser, we were redirected to a defunct website that had a 404 error code. We also investigated the links in the Reddit thread and on the BBB website. Those were also not working and didn’t redirect us to any official Facebook support page.
Further, the name of the “person” who sent the notification to VERIFY is “Terron Berardi.” VERIFY conducted a Google search for someone with that name who may work for Meta, Facebook’s parent company, and found no evidence this person exists.
According to blog posts from MalwareTips.com, a website that covers cyber security and privacy, these types of messages appearing to come from a Facebook official are not new. Some of the scam messages warn your page could be deactivated, the site says, and contain similar text to the messages about deletion.
“[The messages are] carefully crafted and distributed on a mass scale by scammers to trick unsuspecting Facebook users. Their goal is to scare people into providing sensitive login credentials or personal information. This is accomplished by directing victims to fake Facebook support websites, unusual login pages, or phone numbers controlled by the scammers themselves,” MalwareTips says.
The blog post continues: “These fraudulent pages and flows are designed to closely mimic Facebook’s interface and messaging in order to harvest user account details, financial information, or even install malware onto devices. It is an attempt to fully take over user accounts for malicious purposes. But the links, websites, and phone numbers are not authorized or associated with Facebook in any way. They are part of a scam orchestrated by bad actors to steal personal information and hijack accounts.”
Here are some tips to consider before you click on any link. The University of Denver Information Security Department says to take a look at the web address, or URL, itself for these common red flags:
- The end of the URL has characters that don’t seem like they belong. Like underscores, hyphens or symbols. For example, google.com is not the same as google-search.com.
- The URL is entirely numbers.
- The link is shortened, which usually means it’s not in a typical “www.example” form.
VERIFY reached out to Meta, Facebook’s parent company, for comment about the scam but didn’t hear back at the time of publication.