Many people are getting a scary type of message right now. It claims to be a legal notice about Walt Disney Studios and copyright infringement. While the email is realistic and scary-looking, I am sure it is a fake. If you receive this Meta Legal phishing message in your inbox, do not cooperate with it!
The Phishing Message
Here is Exhibit A for you to look out for:
As phishing scams go, this one is pretty sharp. Only the sender email address is a giveaway, and I realize that some email apps hide that. Many recipients may have little indication, at the start, that this is a fake. The spelling is decent. The logos and signature are accurate. If you hover over the CONTACT US button, the URL preview shows a real Facebook.com address!
Deeper into the Scam
The contact button shows a real Facebook URL because it leads to a specific Facebook profile. Scammers have created a new profile page, named it Legal Department, and linked directly to their Messenger Chat function. Anyone who clicks the button will begin a Facebook chat with the scammers. And they are ready to chat with you!
Well, “chat” is not the right word. They have various auto-replies set up, and you will get messages that urge you to click other links and “appeal” the scary legal action against you.
I tried chatting with these criminals. Posing as a remorseful and naive Facebook user, I claimed that I regretted my actions and wanted to settle the fine ASAP. Even when I offered to pay whatever it was that I owed, they kept repeating that I was to click their links and buttons to appeal.
If they don’t want money, then what is the goal here? They aim to steal your Facebook account.
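The two tells described above (a sender address that does not belong to Meta, and a button whose real Facebook URL opens a Messenger chat) can be checked automatically. This is an added example, not code from the original post; the trusted-domain list, the chat URL patterns and the sample message are all assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumption: sender domains you accept for genuine Meta mail; set per your own policy.
TRUSTED_SENDER_DOMAINS = {"facebookmail.com", "facebook.com", "meta.com"}
# Assumption: URL shapes that open a Messenger chat rather than an official help page.
FACEBOOK_HOSTS = {"facebook.com", "www.facebook.com", "m.facebook.com"}
CHAT_HOSTS = {"m.me", "messenger.com", "www.messenger.com"}

# Constructed sample message (not the real phishing email; all values are placeholders).
SAMPLE = """\
From: "Meta Legal Department" <notice@legal-alerts.example>
To: user@example.org
Subject: Copyright infringement notice
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<p>Your page has been reported for copyright infringement.</p>
<a href="https://www.facebook.com/messages/t/100000000000000">CONTACT US</a>
"""

def is_under(domain, parents):
    """True if domain equals, or is a subdomain of, an entry in parents."""
    return any(domain == p or domain.endswith("." + p) for p in parents)

def triage(raw_email):
    """Return findings for a message that presents itself as a Meta notice."""
    msg = message_from_string(raw_email)
    findings = []
    _, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    if not is_under(domain, TRUSTED_SENDER_DOMAINS):
        findings.append(f"sender domain {domain!r} is not on the trusted list")
    for part in msg.walk():
        if part.get_content_maintype() != "text":
            continue
        body = (part.get_payload(decode=True) or b"").decode("utf-8", "replace")
        for link in re.findall(r'href=["\']([^"\']+)["\']', body, re.I):
            url = urlparse(link)
            host = (url.hostname or "").lower()
            # A genuine facebook.com host is not proof of a genuine sender.
            if host in CHAT_HOSTS or (host in FACEBOOK_HOSTS
                                      and url.path.startswith("/messages/")):
                findings.append(f"link opens a Messenger chat: {link}")
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print("FLAG:", finding)
```

The From header can be forged, so a message that passes the sender check is not thereby proven genuine; the check only catches the mismatch this scam relies on.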
Phishing for Your Password
Anyone tricked into clicking the button to Appeal is taken off Facebook to a dangerous website. At this point, some browsers will pop up phishing alerts. Others will simply prevent you from loading the page. But if the next page loads, it shows a clever fake that may make you think you are still on a legit site:
After this they ask for your email and other info:
And finally they demand:
Anyone who types info into this window is delivering their Facebook password to cybercrooks. After this happens, they will:
- Log into the Facebook account, using the provided email and password
- Change the account password, as well as the primary email and recovery methods
- Start doing crimes, using the victim’s identity
Facebook offers these steps to follow if an account has been hacked and stolen. But I must warn: These steps often don’t work if the criminal inside the account is thorough. Phishing victims often lose their Facebook accounts for good to this sort of scheme.
Dos & Don’ts
Don’t believe these emails! Facebook is not going to harass or threaten you with legal action because of Disney IP violations. If anything, they would just remove your post. Facebook/Meta does not have enough staff to police itself or help people recover their lost accounts, so they certainly don’t have the manpower to chase down small infringement matters.
Don’t waste your time contacting the scammers, even to tell them what-for. It’s just not worth it. And remember: Facebook is powered by engagement. That means they may recommend more of the things that you click and comment on. Do you really want Facebook steering you towards other suspicious pages and posts?
Do report this sort of scam, if you are comfortable doing so. You may mark the email as Spam/Junk Mail, if your mail provider allows for that. If a scammer has used FB Messenger to chat with you, look to the right side for an option to Report the conversation (this may be hidden under Privacy and Support). If you have visited a scammer’s FB Page, the entire profile can be reported as well, using the 3 dots button under the masthead photo.
Unfortunately, Meta Support is now largely run by AI, so your reports of these scammers may be disregarded. But we should still report these scammers. The hope is that if enough reports come in, Meta will pay better attention and do their job to protect us.