What can I do if I've been phished on Facebook?
What is phishing?
Phishing is when someone tries to get access to your Facebook account by sending you a suspicious message or link that asks for your personal information. If they get into your account, they may use your account to send spam.
Example: Joey gets an email saying he needs to log into his Facebook account and read an important message about his account. The email links to a strange looking website asking him to enter his username and password.
I think I've been phished. What can I do?
If you accidentally entered your username or password into a strange link, someone else might be able to log in to your account. Here are some things you can do.
- If you are able to log in to your account, learn how to secure your account by resetting your password and logging out of any devices you don't own.
- If you can't get into your account and your username or password don't work, learn how to recover your account.
- If you want to see if anything strange has been happening to your account, learn how to review recent activity and check recent emails sent by Facebook.
- You can always report strange emails to firstname.lastname@example.org.
How do I avoid getting phished?
Look out for suspicious emails or messages
- Don't trust messages demanding money, offering gifts or threatening to delete or ban your Facebook account.
- Emails from Facebook about your account always come from fb.com, facebook.com or facebookmail.com. You can always visit www.facebook.com or open your Facebook app to check for important messages from us.
Don't click suspicious links
- If you get a suspicious email or message claiming to be from Facebook, don't click any links or attachments.
Don't respond to these emails
- Don't answer messages asking for your password, social security number, or credit card information.