Although this is not a new trick, a particularly nasty scam has resurfaced recently and appears to be taking Meta business account access away from people. Scammers, no more than Artificial Intelligence, have gotten more intelligent,more sophisticated and more dangerous. Their emails look more legitimate and there are no more poorly written messages that are either out and out spam or the work of a dodgy African Prince with no place to deposit his millions.
In this particular scam, the emails being sent vary slightly but are generally something like the following example:
“Recently, we discovered a breach of our Facebook Community Standards on your page. Your page has been disabled for violating Facebook Terms. If you believe the decision is incorrect, you can request a review and file an appeal at the link below. Failure to do so will result in your page being permanently deleted in 24-48 hours”.
Firstly and most importantly do not click any link on the email received. Take a minute and think about the information they have told you. It states that your page has been disabled. This may not be true. If you have the app on your phone check to see if the page is still visible to the public. If your page is still up, the email is quite clearly a scam. Scammers use wording such as “disabled”, “permanently”, “deleted” with short timelines to pressure you into reacting without thinking. Your next step is to check what access you still have and whether that has been lost to you. If you can view your page but are no longer an admin check with other admins of the page to see if that is also the case for them. The purpose of this scam is to hijack your account and in particular to access your Meta ad manager to scam you by charging ads not associated with you or your business to your account. But don’t panic, there are steps you can take to mitigate and avoid the damage.
Business pages can only be accessed via a personal account that belongs to someone with admin access to a Page. If you think your business page has been taken over by someone else, it may mean that it was accessed via your personal account or an account of someone who is also an admin on the business page. Your account may have been hacked if you notice:
Email or password has been changed.
Email to say you were removed as an admin
Name or your date of birth has been changed.
Friend requests have been sent to people you don’t know.
Messages sent that you didn’t write.
Posts have been made that you or any other admin didn’t create.
If this has happened to you, there some steps you can take:
Personal Account: If your personal account was hacked, you can take steps to help secure it.
When talking to Meta ensure you do so via their support messenger service, phone or through email and only after you have initiated the contact with them. When you create a support request you will be given a case ID. This ID will be incorporated into the email you receive for example: Meta Support <email@example.com> (no hyperlink just text).
What to do if you get an email that may be dodgy or a scam?
Read the email thoroughly and do not act in haste.
Do not click on any links, navigate the app/website the way you would normally access your account and login there.
Setup 2FA with a code sent to your phone when logging in from an unusual device.
Setup Google Authenticator on your phone – they will not allow you to login to an illegitimate website.
If in doubt at all DO NOT CLICK THE LINK, instead please utilise your Dmac Media support package by getting us to review your suspicious Meta emails. Simply forward the email to firstname.lastname@example.org and a member of our Digital Marketing team will advise you on how best to handle the email.