Last updated on February 5th, 2024 at 03:26 am
There were multiple reports on r/scams yesterday of fraudulent Facebook messages being sent to users with Facebook Business accounts. The messages claim the recipients have violated Facebook’s intellectual property policies and that their pages will be deleted unless they click a link to a non-official site. Users should not click the links, however, as they are malicious.
Fake messages
The scam messages are being sent from accounts with names of the form “Guest 4601,” and warn users “Your Facebook page will be permanently deleted due to a post that violates our trademark rights.” Recipients are then instructed to “submit a complaint requesting a restoration of this page before it is removed from Facebook,” by clicking a malicious link.
Two different scam domains were used in the messages posted on Reddit: fbpage-notifications[.]com and notice-pages[.]com (I have put square brackets around the dots to prevent anyone from accidentally visiting these malicious sites.) Both domains were registered on January 15th, the same day the messages were sent.
When I visited the malicious URLs using Any Run, an online virtual sandbox, I found both sites were identical and asked for the user’s name, email, birth date and phone number, and had space for them to write their appeal.
I reported both domains to the registrar, Network Solutions, for phishing but as of the time of writing, they remain operational and they were terminated for fraudulent activity on January 18th.
The takeaway
If you receive a Facebook message warning your page will be deleted for trademark infringement unless you click a link, don’t click the link! Instead, block the sender and delete the message.
Thank you Rebecca Morris for your helpful article…In early Dec of 2024 I received exactly the same message you described above from a photo of an Arabic looking man in Poland with a mustache and an unusual name. I just got to his FB message today 1/26/25 that I first posted with them in 2012. I am not a fan of their hegemonic geopolitic fact censoring that has deplatformed me once and censored many analytic informational posts. So, I have very little contact with any FB “doublespeak” messages about my past or current “infringement on their intellectual property rites,” which is total nonsense. I did not click on his link but wrote in the message box “I have no idea what you are talking about,” sent it, and deleted his message. I hope my message box response to him did not activate his link. I started digging after I sent it and found your site. I regret acting in such haste and did not carefully document all info surrounding his message I need to take further steps as you took to stop “him.”
Sorry to hear you received this scam message. As you didn’t click on the link and just sent him a message back, you should be fine. Stay safe out there!
Similar Messages sent to us in France last night threatening that if we didnt make a complaint within 12 hour. facebook account would be terminated..
A further message was received around mid-day from Piotr Do with logo’s from Business Help Centre.
So watch out for that!
Thanks for letting us know and helping us stay safe!
Hi,
Thank you for the report, a little too late for me, perhaps. I foolishly tried to go to the website (ignoring the fact that the word “business “ was spelled with two esses) and landed on a “web page does not exist” or similar message.
Did I compromise myself by going there?
Thanks again.
Hi Randy! Sorry to hear that you received one of these scam messages-there seems to be a lot of them going around at the moment. Usually these kinds of scams are after your login credentials or other personal information, so if you did not enter anything on the shady site then hopefully you will be fine! There are a few precautions you can take if you’re concerned, e.g. changing your Facebook password, checking your Facebook settings to make sure there are not any unauthorized logins, and turning on 2FA. Let me know if you have any more questions!
On 2/18/ 25 the business I work for received one of these messages. It came from the name [redacted] posing as Meta support business.
[Note from Safe Not Scammed: The name of the account mentioned was redacted as often scammers use accounts of real people that have been hacked.]
I’m sorry to hear that you received one of those scam messages. There seems to be a lot of them going around at the moment! Stay safe out there!
What if someone clicked the link? But didn’t enter any credentials?
Hi Roy! Sorry for my late reply and sorry to hear that you received one of these scam messages. Usually these kinds of scams are after your login credentials or other personal information, so if you did not enter anything on the shady site then hopefully you will be fine! There are a few precautions you can take if you’re concerned, e.g. changing your Facebook password, checking your Facebook settings to make sure there are not any unauthorized logins, and turning on 2FA. Let me know if you have any more questions!