What steps can I take to protect myself from phishing on Facebook?

What is phishing?
Phishing is when someone tries to get access to your Facebook account by sending you a suspicious message or link that asks for your personal information. If they get into your account, they may use your account to send spam.
Example: Joey gets an email saying he needs to log into his Facebook account and read an important message about his account. The email links to a strange looking website asking him to enter his username and password.
I think I've been phished. What can I do?
If you accidentally entered your username or password into a strange link, someone else might be able to log in to your account. Here are some things you can do.
How do I avoid getting phished?
Look out for suspicious emails or messages
  • Don't trust messages demanding money, offering gifts or threatening to delete or ban your Facebook account.
  • Emails from Facebook about your account always come from fb.com, facebook.com or facebookmail.com. You can always visit www.facebook.com or open your Facebook app to check for important messages from us.
Don't click suspicious links
  • If you get a suspicious email or message claiming to be from Facebook, don't click any links or attachments.
Don't respond to these emails
  • Don't answer messages asking for your password, social security number, or credit card information.
Get alerts
Was this information helpful?