Today, a post on one of my pages was shared by a Facebook page calling itself “Notify maintenance publish.” The account attempts to fool Facebook page administrators into thinking that their page has been reported and that they need to “confirm” their account.
When sharing the post, the page in question adds the following text:
WARNING PAGE Activity: Your Account will be deactivated. Your account will be disabled! Because Your account has been reported by others. Our system has received the following reports. √ false name √ fraud on your account. √ you write content (coarse). √ using other people’s images and obscene images. If you are the original owner of this Account, please re-confirm your Account to avoid blocking. Please check your Account here.
Underneath, they provide a link, which leads to a website called twomini.com. I’ve checked and it seems that twomini.com is actually a free domain, which means that the person behind this phishing scam is probably hosting their website on some sort of free hosting server.
Once you click on the link, you are provided with the following text (written in badly worded English):
Your Account have been reported by other user. We will close your page if the allegations are true that you do not follow.
It then goes on to state:
In some cases we may not issue a warning before disabling your account. Also note that we don’t restore accounts that were disabled for severe violations of the Facebook Community Standards. If you think that your account was disabled by mistake, please confirm your account to avoid disabled here:
Underneath, they provide a fake login form, which looks pretty similar to the Facebook login form that everybody is used to. Of course, the goal here is to get page administrators to enter their Facebook login details so that the person behind this scam can take over the account and spam the pages that they manage with God knows what!
If you have fallen victim to this phishing scam, I suggest that you:
- Change your Facebook password immediately.
- Change the password of your email address if it is the same one that you use for your Facebook account.
- Finally, go to your account settings and find the security section, where you should be able to review “Where You’re Logged In”. Work up from the bottom and select “End Activity”, which kills logged-in sessions.
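The two signals described in this post, account-threat wording paired with a link whose host is not facebook.com, can be checked mechanically. The sketch below is an added example, not something from the scam page or from Facebook; the function names, the phrase list and the example.test hosts are assumptions made for illustration, and the sample post is a shortened copy of the text quoted above.

```python
from urllib.parse import urlsplit

# Assumption: facebook.com is the only domain allowed to ask for the login.
TRUSTED_DOMAINS = ("facebook.com",)

# Phrases copied from the lure text quoted in the post (lower-cased).
LURE_PHRASES = (
    "will be deactivated",
    "will be disabled",
    "has been reported",
    "re-confirm your account",
)

# Constructed sample: a shortened copy of the shared-post text quoted above.
SAMPLE_POST = (
    "WARNING PAGE Activity: Your Account will be deactivated. "
    "Because Your account has been reported by others. "
    "please re-confirm your Account to avoid blocking."
)


def link_host(url):
    """Return the lower-cased host part of a URL, or "" if it cannot be parsed."""
    try:
        parts = urlsplit(url if "://" in url else "//" + url)
    except ValueError:          # malformed URL, e.g. unbalanced IPv6 brackets
        return ""
    # .hostname drops any "user@" prefix and the port, so
    # "facebook.com@example.test" resolves to "example.test".
    return (parts.hostname or "").rstrip(".")


def is_trusted_host(url):
    """True only for a trusted domain itself or a real subdomain of it."""
    host = link_host(url)
    return any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS)


def assess_post(text, url):
    """Return (flagged, reasons) for a shared post and the link under it."""
    lowered = text.lower()
    hits = [p for p in LURE_PHRASES if p in lowered]
    off_site = not is_trusted_host(url)
    reasons = []
    if hits:
        reasons.append("lure wording: " + "; ".join(hits))
    if off_site:
        reasons.append("link host is %r, not facebook.com" % link_host(url))
    # Flag only when account-threat wording is paired with an off-site link.
    return (bool(hits) and off_site, reasons)
```

The host comparison is an exact match or a dot-prefixed suffix match, so a name that merely contains "facebook.com" somewhere in the URL is not treated as Facebook.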