Fake Facebook account closure scam aims to steal login credentials

Image (c) ConsumerAffairs - Beware of phishing scams targeting Facebook users with fake warnings of account suspension due to fraudulent activity. Learn how to protect yourself.

Scammers try to create anxiety so victims will act without thinking

  • Scammers are sending fake Facebook warnings claiming accounts will be closed or suspended because of "fraudulent activity" in an effort to steal login credentials.

  • The messages often direct users to a counterfeit Facebook login page where usernames, passwords, and even two-factor authentication codes can be captured.

  • Cybersecurity experts say users should never click links in unsolicited account warnings and should instead log into Facebook directly through the official app or website to check for any legitimate notices.


Facebook users are once again being targeted by a phishing scam that falsely claims their accounts are about to be shut down because of alleged fraudulent activity.

The scam typically arrives as a Facebook Messenger message, email, or direct message from what appears to be Facebook or Meta. It warns recipients that their account has violated Facebook's policies, has been involved in suspicious activity, or will be permanently disabled unless they immediately verify their identity.

The messages often include a prominent button labeled "Appeal," "Verify Account," or "Secure Your Account." Instead of taking users to Facebook, however, the link leads to a convincing but fake website designed to look nearly identical to the real Facebook login page.

The goal is simple: steal account credentials.

Once victims enter their username and password, scammers can immediately gain control of the account. Some phishing sites also ask for two-factor authentication codes, allowing criminals to bypass additional security protections.

With access to a Facebook account, scammers can lock out the legitimate owner, impersonate them to solicit money from friends and family, operate fraudulent Marketplace listings, or use business accounts to run unauthorized advertisements. In some cases, compromised accounts become launching points for additional phishing attacks.

Meta has repeatedly warned that phishing remains one of the most common ways criminals compromise accounts. The company says it removed more than 159 million scam advertisements and disabled 10.9 million Facebook and Instagram accounts linked to organized scam operations during 2025.

Red flags to watch for

Security experts say these fake account suspension notices share several common characteristics:

  • They create a false sense of urgency, demanding immediate action to avoid account deletion.

  • They contain links that do not lead to an official facebook.com or meta.com domain.

  • They use generic greetings instead of addressing users by name.

  • They contain grammatical errors, awkward wording, or unusual formatting.

  • They ask users to enter login credentials or verification codes after following a link.

According to Facebook's Help Center, legitimate account notifications can be viewed by logging directly into your account. Users should be suspicious of unsolicited messages urging them to click a link to resolve an alleged account problem.

How to protect yourself

Facebook users can reduce their risk by following a few basic security practices:

  • Never click links in unexpected emails or messages claiming your account is at risk.

  • Open the Facebook app or type facebook.com directly into your browser to check for official notifications.

  • Enable two-factor authentication to make it harder for criminals to access your account.

  • Use a unique, strong password that is not shared with other online accounts.

  • Report suspicious messages to Facebook and delete them without responding.

Anyone who believes they entered their credentials into a fake website should immediately change their Facebook password, review recent login activity, enable two-factor authentication if it is not already turned on, and check whether any recovery email addresses or phone numbers have been changed.

Meta said it continues to expand AI-powered scam detection and new warning tools across Facebook and Messenger. However, the company said user vigilance remains one of the strongest defenses against increasingly sophisticated phishing attacks.


Stay informed

Sign up for The Daily Consumer

Get the latest on recalls, scams, lawsuits, and more

    By entering your email, you agree to sign up for consumer news, tips and giveaways from ConsumerAffairs. Unsubscribe at any time.

    Thanks for subscribing.

    You have successfully subscribed to our newsletter! Enjoy reading our tips and recommendations.

    Was this article helpful?

    Share your experience about ConsumerAffairs

    Was this article helpful?

    Share your experience about ConsumerAffairs