Facebook 2FA Phish Scam


Facebook 2FA Phish Scam Reported by Sophos

Social media platforms are increasingly used as the lure for phishing scams. Attackers keep finding new techniques, and a user who does not pay close attention can be tricked. One such scam was brought to light by Sophos in July 2022.

The sequence of the attack – explained!

The scam begins with the user receiving an email from one of several domains that resemble the real Facebook domain, example: The mail claims that there is an issue with the user's Facebook account or with a Page the user manages, or that the account will be terminated within a stated time for not following the Community Guidelines.

The email displays what looks like the real Facebook link and tells the user to click it and follow the instructions. Although the link appears genuine, it is not a plain-text URL: it is an HTML anchor whose visible text is the correct URL while its href attribute points to the attacker's hidden page, the fake website that is If a user is in a hurry and does not check the real destination (hover over the link, or view the message source) then that user can fall prey to this scam.
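The mismatch described above (visible text that reads like the real URL, href that goes somewhere else) is mechanical enough to check automatically. The following is an added example, not code from the original post or from Sophos: it parses an HTML email body with Python's standard library and flags anchors whose text URL and href disagree on host, and anchors whose host merely imitates the brand (such as a digit standing in for a letter). The sample email body, the impersonated host and the homoglyph table are constructed assumptions for the demonstration.

```python
"""Audit anchors in an HTML email for text/href mismatches and look-alike hosts.

Added example; assumes the brand being impersonated is facebook.com and uses
a constructed sample message, not a real phishing email."""
from html.parser import HTMLParser
from urllib.parse import urlparse

LEGIT_HOST = "facebook.com"  # assumption: the genuine domain of the brand

# Constructed sample body in the style the post describes (not a real message).
SAMPLE_EMAIL = """
<p>Your Page violates our Community Guidelines and will be disabled in 24 hours.</p>
<p>Appeal here: <a href="https://facebook-support-appeal.example/login">https://www.facebook.com/help</a></p>
<p>Or visit <a href="https://www.facebook.com/help">https://www.facebook.com/help</a></p>
<p><a href="https://faceb00k.com/verify">Verify your account</a></p>
"""

# Digits commonly swapped for letters in look-alike domains (assumed table).
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def host_of(url):
    """Lower-case hostname of a URL, or '' if it has none."""
    return (urlparse(url.strip()).hostname or "").lower()


def same_site(host, legit):
    """True if host is the legitimate domain or one of its subdomains."""
    return host == legit or host.endswith("." + legit)


class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href", "") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def audit_links(html, legit_host=LEGIT_HOST):
    """Return (reason, href, text) findings for suspicious anchors."""
    parser = LinkCollector()
    parser.feed(html)
    brand = legit_host.split(".")[0]  # "facebook"
    findings = []
    for href, text in parser.links:
        href_host = host_of(href)
        # Case 1: the visible text is itself a URL, but for a different host.
        if text.startswith(("http://", "https://")) and host_of(text) != href_host:
            findings.append(("text/href host mismatch", href, text))
            continue
        # Case 2: the host is not the real site but imitates the brand name.
        if not same_site(href_host, legit_host) and brand in href_host.translate(HOMOGLYPHS):
            findings.append(("look-alike host", href, text))
    return findings


if __name__ == "__main__":
    for reason, href, text in audit_links(SAMPLE_EMAIL):
        print(f"{reason}: text={text!r} -> href={href}")
```

Only the genuine www.facebook.com link passes; the other two anchors are reported, one for the text/href mismatch and one for the digit-for-letter look-alike. Hovering over a link in a mail client shows the same href this script reads.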

The link lands on a fake website that copies the real support page of the site, where the scammer asks the user to fill in account details such as username, email address and password, supposedly to log in and resolve the issue. A user who does not notice that the site is fake and enters the credentials hands them to the attacker, who immediately tries them against the real site.

If Two Factor Authentication [2FA] is enabled on the account, the fake website then presents a 2FA step, asking for the code either from an authenticator app or from a text message. The attacker has carefully designed this page to resemble the real 2FA page of the site.

Whichever 2FA method is used, the attacker captures the code and uses it straight away, before the short validity window expires, to log in to the real account; a code that is typed into the attacker's page is as good as a code typed into Facebook. Codes from text messages and authenticator apps cannot tell the two pages apart, whereas a hardware security key bound to the real site's origin would refuse to answer on the fake one. As a final trick, the attacker redirects the user to Facebook's real support page to make everything seem authentic, indicating that all went well.
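To show why the real-time relay in the two paragraphs above works, and why timing matters to the attacker, here is an added simulation, not code from the original post or from Sophos. It implements a verifier in the style of RFC 6238 TOTP (HMAC-SHA1, 30-second step, one step of clock drift allowed, no code reuse) as the "real service", and a phishing proxy that stores the victim's password and one-time code and forwards them. The account, password, secret and timestamps are constructed test values; the replay-protection and drift rules are assumptions about how such a verifier behaves.

```python
"""Simulate a phishing proxy relaying a victim's password and TOTP code.

Added example with constructed test data; the verifier rules (30 s step,
+/-1 step drift, each code accepted once) are assumptions for the demo."""
import base64
import hashlib
import hmac
import struct

STEP = 30
DIGITS = 6


def totp(secret, at, step=STEP, digits=DIGITS):
    """RFC 6238 TOTP (HMAC-SHA1, dynamic truncation) for unix time `at`."""
    counter = int(at) // step
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


class RealService:
    """The genuine site: password plus TOTP, one step of drift, no code reuse."""

    def __init__(self, username, password, secret):
        self.username, self.password, self.secret = username, password, secret
        self.used_counters = set()

    def login(self, username, password, code, now):
        if (username, password) != (self.username, self.password):
            return "bad password"
        for drift in (-1, 0, 1):
            counter = int(now) // STEP + drift
            if hmac.compare_digest(totp(self.secret, counter * STEP), code):
                if counter in self.used_counters:
                    return "code already used"
                self.used_counters.add(counter)
                return "session for " + username
        return "bad 2FA code"


class PhishingProxy:
    """The look-alike site: records what the victim types and relays it."""

    def __init__(self, real):
        self.real = real
        self.captured = {}

    def fake_login_page(self, username, password):
        self.captured.update(username=username, password=password)
        return "show cloned 2FA page"  # victim is moved on to the 2FA step

    def fake_2fa_page(self, code, now):
        self.captured["code"] = code
        # The relay happens at once: the one-time code is still inside its window.
        return self.real.login(self.captured["username"], self.captured["password"], code, now)


def run_scenario(relay_delay_seconds=0):
    """Victim submits to the fake site; attacker relays after the given delay.

    Returns the real service's answer to the attacker's relayed login."""
    secret = base64.b32decode("JBSWY3DPEHPK3PXP")  # constructed test secret
    real = RealService("victim@example.com", "hunter2", secret)
    proxy = PhishingProxy(real)
    t0 = 1_700_000_000  # constructed timestamp of the victim's submission
    victim_code = totp(secret, t0)  # what the victim's authenticator app shows
    proxy.fake_login_page("victim@example.com", "hunter2")
    return proxy.fake_2fa_page(victim_code, t0 + relay_delay_seconds)


if __name__ == "__main__":
    print("immediate relay:", run_scenario(0))
    print("relay two minutes later:", run_scenario(120))
```

An immediate relay yields a session for the victim's account; the same code relayed two minutes later is rejected because the counter has moved past the drift window. This is why the phishing page asks for the code at the exact moment the attacker's own login attempt reaches the 2FA prompt, and why a time-limited code on its own is not a defence against a live proxy.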


As phishing attacks continue to improve, the average user is not going to be able to tell the difference: all they will see is a legitimate-looking login screen asking for sensitive information. A lot can be done to prevent phishing attacks, but the most important habit is to be wary of anything that requires the input of personal information and to check the address bar, not just the padlock, before entering sensitive data. A phishing site can have a valid certificate too, so a secure connection alone does not prove you are on the real site.

Here are some measures that you can start following immediately to avoid becoming a victim of such scams:

  1. Inspect email links properly: hover over a link to see where it really goes before clicking.
  2. Don't click on links in emails that look suspicious; open the site by typing its address yourself.
  3. Be aware of website domains and URLs, including look-alike spellings and extra words added to a brand name.
  4. Never submit your credentials or a 2FA code in a hurry, no matter how urgent the message sounds.

It is also important to take the time to configure the privacy settings on your social media accounts so that you are less exposed to such phishing scams. Read our article on How to Configure Privacy Settings for Social Media Accounts by clicking here.
