A wave of scams is circulating on Facebook, Messenger and WhatsApp, with messages that appear to come from the Meta team and warn of an imminent account suspension unless the account is verified immediately.
Criminals copy the look and tone of official communications to gain trust and steer users to fraudulent pages that capture their credentials. Experts from Kaspersky and INCIBE recommend extreme caution.
What's happening
The scheme begins with notifications claiming you have broken the rules by posting inappropriate content, spamming, or violating internal policies; they suggest that "Meta AI" has detected irregularities and urge you to verify the account.
The hook uses pressure phrases such as “we may suspend your profile if you don’t confirm now” and provides one or more links to complete the supposed security process.
Clicking takes the user to websites that clone Facebook's colors, logos and forms, but a glance at the address bar reveals domains that do not belong to the company, such as facebooksecuritys24h.wixstudio.com or the cruder www.bossfixshing2025.site.
These forms ask for username, email and password. With this information, the attackers change the password and the associated email address, taking full control of the profile; they may then demand a ransom, commit further fraud, or snoop on contacts and any stored payment information.
The risk is greater for professional accounts or those with linked pages, since a takeover can affect advertising campaigns, the Marketplace, customer relationships, and brand reputation.
Detected variants: AI spoofing and mailto: emails
The allusion to a supposed “Meta artificial intelligence” adds credibility. Scammers rely on this authority effect and on technical jargon to lower our guard and rush the click.
Another method starts with an alarmist email about a password reset or an unrecognized login; the buttons ("confirm" or "report") open a pre-filled email message through a mailto: link. This does not steal data on its own, but it confirms that your address is live and facilitates future deception.
These emails also show typo-squatting, with sender names that mimic the company's to appear legitimate, while evading filters by not including traditional malicious links.
Indicators to detect fraud
These signs should set off every alarm when you receive notifications about your account:
- Artificial urgency: threats of immediate blocking or unrealistically short deadlines.
- Suspicious domains: addresses that do not end in facebook.com, meta.com or official subdomains.
- Errors and strange details: spelling mistakes, strange capitalization, or unprofessional tone.
- Request for credentials outside the official flow: external forms or on websites that are not Meta.
- Absence of HTTPS or padlock: unencrypted pages or dubious certificates.
- Hyperlinks that reveal the trap on hover: links that point to other domains or open a pre-filled mailto: email.
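The indicators above can be turned into a simple triage check for links found in a suspicious message. The following Python script is an added example, not part of the original article and not a Meta tool: it extracts every http, https and mailto: link from a message and flags the signs the list describes (host outside facebook.com/meta.com, a brand name embedded in a non-official host, plain HTTP, URL shorteners, pre-filled mailto: links). The allowlist of facebook.com and meta.com comes from the article's own indicator; the shortener list, the sample message and the mailto address in it (which uses the reserved .example domain) are constructed for the demo. The two phishing hosts in the sample are the ones the article reports.

```python
import re
from urllib.parse import urlparse

# Illustrative allowlist taken from the article's indicator list; a real
# deployment would maintain its own list of the organisation's official domains.
OFFICIAL_DOMAINS = ("facebook.com", "meta.com")

# Brand strings whose presence in a NON-official host suggests a lookalike,
# e.g. the article's facebooksecuritys24h.wixstudio.com.
BRAND_TOKENS = ("facebook", "meta", "instagram")

# A few widely used URL shorteners (assumption: illustrative, not exhaustive).
SHORTENERS = ("bit.ly", "t.co", "tinyurl.com")

# Matches http(s) URLs and mailto: links up to the next whitespace or quote.
LINK_RE = re.compile(r'''(?:https?://|mailto:)[^\s<>"']+''', re.IGNORECASE)


def _clean(link: str) -> str:
    """Drop trailing sentence punctuation that the regex may have captured."""
    return link.strip().rstrip(".,;:)")


def host_matches(host: str, domain: str) -> bool:
    """True if host is exactly `domain` or a subdomain of it.

    A plain endswith("facebook.com") would wrongly accept 'evilfacebook.com',
    so the comparison requires an exact match or a '.' boundary.
    """
    return host == domain or host.endswith("." + domain)


def is_official_host(host: str) -> bool:
    return any(host_matches(host, d) for d in OFFICIAL_DOMAINS)


def assess_link(link: str) -> list[str]:
    """Return the reasons a link looks like phishing (empty list = no flags)."""
    reasons: list[str] = []
    parsed = urlparse(_clean(link))
    scheme = parsed.scheme.lower()

    if scheme == "mailto":
        reasons.append("mailto: link opens a pre-filled email rather than an account page")
        return reasons

    if scheme not in ("http", "https"):
        reasons.append(f"unexpected scheme '{scheme}'")
        return reasons

    host = (parsed.hostname or "").lower()   # hostname is already lower-cased
    if not host:
        reasons.append("no host in URL")
        return reasons

    if scheme == "http":
        reasons.append("plain HTTP, no TLS")

    if any(host_matches(host, s) for s in SHORTENERS):
        reasons.append("URL shortener hides the real destination")
    elif not is_official_host(host):
        reasons.append(f"host '{host}' is not an official Meta domain")
        if any(tok in host for tok in BRAND_TOKENS):
            reasons.append("brand name embedded in a non-official host (lookalike)")

    return reasons


def scan_message(text: str) -> dict[str, list[str]]:
    """Extract every link from a message and assess each one."""
    return {_clean(m.group(0)): assess_link(m.group(0)) for m in LINK_RE.finditer(text)}


# Constructed sample message modelled on the campaign the article describes.
SAMPLE_MESSAGE = """\
Your account has violated our community standards. Meta AI detected irregularities.
Verify now or your profile will be suspended: https://facebooksecuritys24h.wixstudio.com/verify
Alternative link: http://www.bossfixshing2025.site/confirm
To report this email click here: mailto:security@meta-support.example
Official settings page (for comparison): https://www.facebook.com/settings
"""


def demo() -> dict[str, list[str]]:
    return scan_message(SAMPLE_MESSAGE)


if __name__ == "__main__":
    for link, reasons in demo().items():
        print(f"{'FLAGGED' if reasons else 'ok     '} {link}")
        for r in reasons:
            print(f"    - {r}")
```

Two design points matter here. The host comparison anchors on a dot boundary, because a suffix check alone accepts lookalikes that merely end in the brand's domain. And the host check still runs on https links: a padlock only proves the connection is encrypted, and phishing pages routinely obtain valid certificates, so the absence of HTTPS is a warning sign but its presence is not proof of legitimacy.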
What to do if you have clicked or provided data
If you interacted with the link or provided credentials, act quickly to minimize the damage and regain control.
- Change your Facebook password immediately and avoid reusing keys from other services.
- Sign out on all devices from the security settings to revoke unknown access.
- Enable two-factor authentication (2FA), preferably with an authenticator app (Authy, Google Authenticator) rather than SMS.
- Check the “Recent Emails from Meta” section in your account to verify which communications are legitimate.
- Review recent logins and remove suspicious devices. If you notice changes to your email address or phone number, restore them.
- If you can no longer access the account, use the Facebook/Instagram Help Center and complete the recovery process as soon as possible.
- Enable security alerts and consider an anti-malware scan if you downloaded files or installed extensions.
Good practices to protect your account in the long term
Constant prevention is the most effective barrier against campaigns that evolve and improve over time.
- Don't click on links that ask for "urgent verification"; always reach your account from the official app or by typing the URL into your browser.
- Inspect URLs closely; be wary of strange subdomains and of shorteners that hide the destination.
- Use unique and strong passwords with a reliable password manager.
- Set up 2FA on all your key accounts and keep backup codes in a safe place.
- For business profiles, review roles and administrators, add a second trusted admin and audit access to Business Manager and pages.
- Keep your devices and browsers updated to reduce the attack surface.
- Maintain a healthy distrust of alarmist messages, as recommended by Kaspersky and INCIBE.
The use of phrases alluding to a supposed “Meta AI” and of emails with mailto: links shows that Facebook phishing continues to refine its social engineering. Staying vigilant, always checking official channels, and strengthening security with 2FA and strong passwords is the most effective way to avoid these traps and protect both personal accounts and professional assets.