How to Avoid Phishing Scammers Impersonating Facebook

April 26, 2024
By   Jen McDonnell
Category   Social Media
how to avoid facebook scams

Phishing schemes designed to gain access to Facebook accounts have increased in frequency and sophistication. It's more important than ever to protect your personal information, and know what to do if your Facebook profile has been hacked.

Scammers impersonating Facebook are getting more and more sophisticated. They often craft messages that look and sound very much like legitimate notifications from Facebook, urging you to take immediate action by tricking you into giving up your login information, which could lead to them having full access to your profile.

There has been an increase in email, comment, and DM-based scams from senders purporting to be Facebook who send alarming warnings about supposed issues with your Facebook account (usually citing a security risk or an infringement report filed from a third party), and urge you to click on a link, claiming your Facebook Account might otherwise be disabled, and your profile or page might be removed. Here’s how to avoid falling prey to their tricks.

Emails from “Facebook”

If you ever get an email claiming to be from Facebook, you can confirm if it’s actually from the social media network by checking that the sender’s address comes from emails like “”, “,” “” or “” instead of a non-branded, suspicious email address such as “[email protected]”. If the sending email is not from a Facebook or Meta domain, do NOT click on any links, mark as spam, and delete immediately.

If you are still unsure if the email originated from Facebook, you can also log into your Facebook account and look at your settings, which houses a running list of all the recent emails Facebook has sent you. Go to your settings and click on the “Security and Login” tab. Scroll down to where it says “Advanced” and you should see an area labelled “See recent emails from Facebook.” If you hit the “view” button next to it, you’ll get a list of all emails Facebook has sent you (such as a request to change your password) in the last few weeks in the first tab marked “Security”, and emails about mentions, likes, etc. in the “Other” tab.

facebook scam emails

Never click a link in an email that claims to be from Facebook if you can’t confirm they sent it.

If you see an email that you’ve confirmed is from “”, “” or “” and it says you’ve changed your password or made a change to your account that you don’t remember doing, you can click the “I Didn’t Do This” or “Secure Your Account” links so Facebook can help you review recent activity.

DMs, Reviews and Facebook Comments

You may receive official-looking messages in Messenger or in your business page’s inbox. These often include urgent language, such as “Your Facebook account will be deactivated unless you take immediate action!” Often, the message will seem to come from “Facebook” but if you look closely you’ll notice the name may include special characters, certain letters in a different font than the others, or zeros instead of Os. The logo may also be flipped, be an old version that Facebook no longer uses, or otherwise look off. They will also come from a profile that is clearly not official when you visit it. Facebook will not send you these sorts of notices as a comment, review or DM so it is best to ignore them and not click. You should report these by clicking on the three dots next to them, selecting “report,” and then clicking on “fraud,” which may get it removed from your page.


facebook scam messenger

Facebook spam example

Text Messages

Scammers often send legitimate-looking texts from fake or hacked accounts with a message urging you to click on the link. When you do, you’ll then be prompted to log into your Facebook account to view the content, with a login screen that looks remarkably similar to Facebook’s. Before you do, be sure to look at the address bar. Is it coming from a website other than If so, do not log in as you are most likely the target of a phishing scam.

facebook text scam


Protect Your Account

In your personal profile settings, it is important to list your up-to-date email address and phone number, in case Facebook has to email you or text you a recovery link if you are ever locked out of your account.

To future shore up your security, sign up for alerts about unrecognized logins by going to your settings, clicking on the “Security and Login” tab, scrolling to the area marked “Setting Up Extra Security” and clicking “edit” next to “Get alerts about unrecognized logins.” We also highly recommend you use an automatic password generator to create secure, unique passwords for all of your accounts.

You can also select friends to act as your “Trusted Contacts” on your Facebook account. Should something happen with your profile, they will be able to help you recover your account if you ever get locked out.  Under your Facebook settings, click on the “Security and Login” tab, and scroll down to the “Set Up Extra Security” section. Choose 3-5 friends that you can contact if you have issues with your account. Your trusted contacts can send a code and URL from Facebook to help you log back in.

Most importantly, we urge you to turn on two-factor authentication on both Facebook and Instagram to increase your account’s security. Under your Facebook settings, click on the “Security and Login” tab, and scroll down to the “Two-factor authentication” area to enable it. Once you set it up, you should also access the recovery codes in this section by tapping “Recovery Codes”, then tapping “Show Codes.” This will give you 10, one-time only codes that you can use should you ever have an issue with your authentication app. Write down these codes or save them someplace safe.

What To Do If Your Facebook Account Has Been Hacked

If you accidentally click a suspicious link, Facebook can help you secure your account at or or If you have set up Trusted Contacts, you can also follow these instructions to send them a recovery code that they can use to help you gain access to your account.



Facebook phishing scams


Jen McDonnell

Jen is the Vice President of Content and Social Media at Reshift Media, where she manages a team responsible for the social strategies for several national and international brands. She has a strong content background, having previously worked in online journalism for 10 years. Her articles have been published in the National Post, the Ottawa Citizen, the Vancouver Province, the Calgary Herald, Flare, and more.

Write a comment

Your email address will not be published. Required fields are marked *

Comments (2)

  1. I have a similar problem – FB now in Chinese so can’t delete my account, can’t get in contact with anyone from FB !? and now being inundated with Chinese FB emails. Is there anything that I should do please? Thank you.

  2. Facebook scams can take many forms.It may come directly to your inbox or through a link of a video or even a news story. We should need to be very careful when opening any alerts and messages appearing to be from facebook. The safest way to deal with this is to look analyze fake links from legitimate ones based on the content. It is best to not open it if you’re in doubt. Thank you for sharing your tips!