Alerts •   Jan 11, 2023

Facebook phishing

taking social phishing to a new level

Facebook phishing has become an increasingly popular way of stealing confidential information and gaining access to both personal accounts, as well as business pages. This modus operandi is especially effective whenever people use Facebook for work or day-to-day purposes; plus, the simplicity with which fraudsters can copy and create bogus admin accounts that mimic the genuine administrator makes it easy for them to execute their schemes. By constructing these counterfeit admin pages or accounts, criminals try to fool victims into entering their credentials and gain control over any account associated with such a platform.


Recently, our Facebook account has experienced a few notifications requiring admins to claim their page with a Tiny URL to enter their credentials. Unfortunately, once these passwords are entered within seconds, all accounts and assets associated with the login information will be compromised. If you've had the fortune to stumble upon this article, your luck is in! We know many Singapore Business Pages are being tagged on notifications, and we wanted to help you know what actions should be taken. So sit back, relax and prepare for a lesson on how fortunate you are.


You'll need to change your password if you've clicked the URL provided and logged in with your credentials. Also, please check if any users on the page shouldn't be there - and take immediate action by removing them. Turning on the two-factor authentication (2FA) adds a layer of security to your account, protecting it from unauthorised access. Once you have finished the check, please determine if the account has been used to send any messages or requests. If you find one, please don't hesitate to contact whoever got it. Unless there is an absolute necessity, avoid responding in the same message thread as a cybercriminal may still be connected and monitoring it. Also, check if any apps are added to the account or page, and remove them immediately if you see them.


Remember to make a public announcement if your account has been compromised; that way, anyone who didn't receive the message or any of their contacts will be able to warn each other. If things become more serious, contact authorities and ask for help from the platform itself.


Remember, cybercrimes are rising, and criminals continue targeting vulnerable accounts. It is our duty as users to stay vigilant and be aware of any suspicious activity. Although it’s impossible to guarantee protection against such attacks completely, we strongly recommend that you take proactive measures to avoid falling prey to this malicious intent. Stay safe! 


Keyword: Social Network Registery Corporation 1071623571, Facebook Community Standards, 24 hours to complete, Tiny URL, Facebook Page Polices, Community Standards, Meta Community Standards Team