"Your Facebook account will be closed": the message that's really after your login
A message lands saying your Facebook account will be closed or suspended over "fraudulent activity," and you need to appeal right now or lose it. It feels urgent, official, and just plausible enough to make your stomach drop. It's a scam - one that consumer watchdogs flagged again this month - and the whole thing is built to rush you into typing your password somewhere you shouldn't.
The link doesn't go to Facebook. It opens a convincing copy of the login page that captures your email and password the moment you enter them - and many versions then ask for your two-factor code, your date of birth, even a photo of your ID, so the crooks can seize the account and lock you out completely. Researchers who tracked one industrial version of this (nicknamed "AccountDumpling") found it hijacked around 30,000 accounts by sending the emails through a trusted Google service so they sailed past spam filters. The messages arrive by email, by Messenger, and as Facebook notifications.
The rule that defuses all of it: never sign in through a link in an account-warning message. If you're worried the notice might be real, open Facebook yourself - type the address or use the app - and check your account status there. Real security alerts show up inside the site; Facebook won't email you asking for your password. Turn on two-factor authentication or a passkey, and be especially wary of any page asking for your password and your 2FA code and your ID all at once. No genuine login ever needs the lot.
Because this scam works by fooling you, awareness is the real defence. But if a phishing link ever led to something landing on your PC, Tendvane's Safety check surfaces unexpected startup programs and browser extensions, and its Privacy & accounts check shows how your sign-in accounts are protected so you can shore up the weak ones.