The scam account that comes from a hacked user is using Google’s Firebase Hosting for the hosting on the top level domain “Web.app” which is owned by Google. For example the above mentioned scam page uses Namecheap for the domain registrar and for hosting using the domain “”. The scammers use a multitude of hosting / domain registrar resources. This hacked account used to be a mother posting photos of her and her baby. Screenshots from a Restriction Details hacked scam account on Facebook: Here is a personal account that has been hacked with their personal name changed to “Restriction Details” Here we see the friends this once real user had on Facebook before the account was hacked by the scammer. Screenshot of a Restriction Alert scam Page on Facebook: A screenshot of one of the Restriction Alert scam pages on Facebook. The accounts will have a mixture of old posts and photos from the actual account owner and newer posts about the scam. This is likely why when reported to Facebook neither the page or the posts are taken down. The pages often have no other posts, no cover photo, and the post you are given a link to can’t be found from their main page. NtfhJyZhEVĪll of the Pages / hacked accounts used in this scam are titled “Restriction Alert” or have the name “Restriction Details” most of them we have seen so far have the logo / profile photo of a blue-ish colored shield. Shoutout to Gyi Tsakalakis for posting these screenshots on Twitter. These scams look legitimate because they use a post on a Facebook Page as the landing page for the email phishing scam, which then redirects users to another site. Please keep in mind that if we do not receive an appeal from your account we have to respect the decision mentioned above. We've prepared a case for you to appeal and resolve the matter effective immediately. Please keep in mind that we reserve the right to change, suspend, or revoke your access at any time. This is a serious problem that goes against our standards. We've received numerous reports about the content on your account. If you believe these reports are not being made in good faith or are inaccurate, please click the link below:Īnd here is how another one, this time claiming to be from Meta, reads: Hi , We just received a report from a third party that the content you posted infringes or otherwise violates their rights.Īccordingly, your account has been repeating these actions, this means your Facebook Account might be disabled, and your page might be removed. The first version claims the emails are coming from Facebook (not Meta) and specifiy copyright infringement. There are a few versions of this scam going around. DO NOT TAKE ANY ACTION THE HACKERS WILL TAKE OVER YOUR ACCOUNT. If you are getting an email with a link that takes you to a Facebook Page / account called “Restriction Alert” or “Restriction Details” it is a scam. Hopefully this article keeps you from falling prey to this until Meta decides to actually take action and protect users. We’ve already had several clients get these emails as have several colleagues. Scammers are sending phishing emails out scaring small business owners and then stealing their Facebook login information and Facebook / Meta is not taking action on this latest scam.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |