Monday, December 21, 2009

Facebook Account Compromised? - Read on...

Facebook Account Compromised?

Reproduced from Facebook's own Security Pages

My friend's account


It is possible that malicious software was downloaded to your friend's computer or that their login information was phished in an attempt to send spam from their profile.
We would like to investigate this issue further, but unfortunately, we cannot release information regarding a user’s account to anyone but the account holder.

For detailed information about this matter, please click here -
http://www.facebook.com/help/?faq=13394

We are currently working with people whose accounts have been affected by money transfer scams.
Please use caution around messages from friends claiming to be stranded and asking for money.

Your friend's Facebook account may have been compromised by cybercriminals attempting to impersonate them. Most frequently, these criminals will gain control of a Facebook account, and use the Chat or Status features to claim they are stuck in a far away location and in need of financial assistance.

If you have received a message like this, please enter your friend's account information in this form so that we can make sure your friend's account is secure. http://www.facebook.com/help/?faq=14257

My account


If you are having general trouble logging in to your Facebook account, please click here for more information. http://www.facebook.com/help/?faq=15468

We are currently working with people whose accounts have been affected by money transfer scams

The money transfer scam is characterized by cybercriminals using Facebook in an attempt to trick your friends into sending them money.
Most frequently, these criminals will gain control of a Facebook account, and use the Chat or Status features to claim that you are stuck in a far away location and in need of financial assistance.

It is possible that your email account was compromised as well, as obtaining access to a victim’s email is one of the primary ways these cybercriminals have been operating.
Please take the following steps to ensure the security of your Facebook account:
  1. Select a unique and complex password for your Facebook account and keep this entirely to yourself. You can do this from the Account Settings page of your Facebook account or by using the "Forgot Password" link on the login page.

  2. Select a new, unique password for any email address associated with your account, making sure to avoid using the same password for any account.

  3. Verify that you control all of the email addresses associated with your account on the Contact Email section at: https://www.facebook.com/editaccount.php

  4. Add a security question to your account from the Account Settings page if you have not done so already.

  5. Visit the following page for more information about Facebook security and how to report suspicious material: http://www.facebook.com/security

If you require further assistance in securing your account, please enter your account information in this form so that we can make sure your account is secure. http://www.facebook.com/help/?faq=15111

The FTC has created an alert, titled "Money Transfers Can Be Risky Business", that explains money transfer scams and other actions one can take. http://www.facebook.com/help/?faq=16148

It is possible that malicious software was downloaded to your computer or that your password was stolen by a phishing website designed to look like Facebook.

Please carefully follow the steps provided:
  1. Run anti-virus software: If your computer has been infected with a virus or with malware, you will need to run anti-virus software to remove these harmful programs and keep your information secure.

  2. Reset password: From the Account Settings page, you will need to create a new password. Be sure to use a different password than you use for other sites or services, made up of a complex string of numbers, letters, and punctuation marks that is at least six characters in length. Do not use words found in the dictionary.

  3. Never click suspicious links: It is possible that your friends could unwillingly send spam, viruses, or malware through Facebook if their accounts are infected. Do not click this material and do not run any ".exe" files on your computer without knowing what they are. Also, be sure to use the most current version of your browser as they contain important security warnings and protection features. Current versions of Firefox and Internet Explorer warn you if you have navigated to a suspected phishing site, and we recommend that you upgrade your browser to the most current version. You can also find more information about phishing and how to avoid it at http://www.antiphishing.org/consumer_recs.html and http://onguardonline.gov/phishing.html.

    Phishing is an online attempt to trick a user by pretending to be an official login page or an official email from an organization that you would have an account with, such as a bank or an email provider, in order to obtain a user’s login and account information. In the case of a phishing login page, the login page may look identical to the login page you would normally go to, but the website does not belong to the organization you have an account with (the URL web address of the website should reflect this). In the case of a phishing email, the email may look like an email you would get from the organization you have an account with and get emails from, but the link in the email that it directs you to takes you to the above phishing login page, rather than a legitimate login page for that organization.

    To prevent your account information from being obtained in a phishing scheme, only log in to legitimate pages of the websites you have an account with. For example, "www.facebook.example.com" is not a legitimate Facebook page on the "www.facebook.com" domain, but "www.facebook.com/example" is a legitimate Facebook page because it has the "facebook.com" domain. When in doubt, you can always just type in "facebook.com" into your browser to return to the legitimate Facebook site.
If you are still unable to access your profile, please send us more information regarding the issue so we can investigate. Please submit your report here.

If your account has been hacked and you can still access your login email address, please attempt to reset the password to your account by selecting the "Forgot your password?" link that appears above the Password field on the Facebook Login page. An email will be sent to you with steps for completing the process.

If your account has been hacked and the login email on your account has also been compromised or has been changed, please send us information about the account so we can look into it further and hopefully restore access. Please submit your report here.


Unfortunately, Facebook did not develop the third-party poker application and cannot assist you in restoring any lost poker chips. This application is developed and operated by a third party that runs its own technical resources, and we do not have access to this data.

Please reset your password immediately for security reasons, and contact the developer of this application in regards to your situation. In order to contact the developer who created this application, please go to the application's About Page and click on the "Contact Developer" link at the bottom of the page. Facebook is not responsible for the support provided by this developer. If you continue to have problems, please note that you can remove and restrict applications from the "Applications" section of the Privacy page.

If you have received a Facebook account confirmation email in error, it's likely that someone has mistakenly attempted to register using your email address. As long as you do not click the link contained in the email, no action will be taken, and no account will be created. http://www.facebook.com/help/?faq=14348

Please note that it is not technically possible to hack a Facebook group. As long as the current administrators of a group keep their login details secure, keep their account enabled, and do not allow any suspicious people to become admins, then the group will remain secure. Please note, however, that if a group is left without an admin, any member will be able to assume that role. If this situation occurs, we encourage you or the former admin of this group to contact the current admin to resolve this matter. Unfortunately, Facebook is not able to add you back as an admin for any group.

In addition, as long as the group does not contain information that violates our Terms of Use, we will not take any action on it. For more information on conduct prohibited by Facebook, please read our Statement of Rights and Responsibilities, which can be accessed by clicking on the "Terms" link at the bottom of any Facebook page. http://www.facebook.com/help/?faq=15654

More information


Phishing is an online attempt to trick users into providing login and account information by pretending to be a login page or email from an official organization. Common examples include banks or email providers.

In the case of a phishing login page, the login page may look identical to the login page you would normally go to. However, in these instances the website does not belong to the organization you have an account with (the URL web address of the website should reflect this).

In the case of a phishing email, the email may look like an email you would receive from the organization you have an account with. However, the links provided in these emails typically direct you to the above phishing login page, rather than a legitimate login page for that organization.

To prevent your account information from being obtained in a phishing scheme, please double check the URL of the websites you have an account with. For example, "www.facebook.example.com" is not a legitimate Facebook page on the "www.facebook.com" domain, but "www.facebook.com/example" is a legitimate Facebook page because it has the "facebook.com" domain. When in doubt, you can always just type in "facebook.com" into your browser to return to the legitimate Facebook site.

Please note that current versions of Firefox and Internet Explorer warn you if you have navigated to a suspected phishing site, and we recommend that you upgrade your browser to the most current version. You can also find more information about phishing and how to avoid it at...


  1. Never click suspicious links: It is possible that your friends could unwillingly send spam, viruses, or malware through Facebook if their accounts are infected. Do not click this material and do not run any ".exe" files on your computer without knowing what they are. Also, be sure to use the most current version of your browser as they contain important security warnings and protection features. Current versions of Firefox and Internet Explorer warn you if you have navigated to a suspected phishing site, and we recommend that you upgrade your browser to the most current version. You can also find more information about phishing and how to avoid it at http://www.antiphishing.org/consumer_recs.html and http://onguardonline.gov/phishing.html.


  2. Have a unique, strong password: From the Account Settings page, be sure to use a different password than you use for other sites or services, made up of a complex string of numbers, letters, and punctuation marks that is at least six characters in length. Do not use words found in the dictionary.

  3. Run anti-virus software: If your computer has been infected with a virus or with malware, you will need to run anti-virus software to remove harmful programs and keep your information secure.

The FTC has created an alert, titled "Money Transfers Can Be Risky Business", that explains money transfer scams and other actions one can take.

Make sure that when you access the site, you always log in from a legitimate facebook.com domain. A good rule of thumb is if a URL ends in facebook.com, it is owned by Facebook. For example, "en-gb.facebook.com" ends in facebook.com and is therefore safe and legitimate.

When in doubt, just type "facebook.com" into your browser's address field. It's a good idea to bookmark the facebook.com address so that you don't have to enter it manually.

Other URLs that look like Facebook but do not follow this criterion could be illegitimate phishing websites. Never submit your login credentials to a site that looks suspicious.
http://www.facebook.com/help/?faq=15133
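
The domain check described above and in the phishing section, written out as a program. This is an added example, not code from Facebook or from the original post; the function names and the sample addresses marked as constructed are assumptions. It applies the "ends in facebook.com" rule to the parsed hostname only, and requires a dot in front of the domain, so that text in the path, text before an "@", or a longer name that merely ends with the same letters does not pass.

```python
from urllib.parse import urlsplit

TRUSTED_DOMAIN = "facebook.com"  # the domain the page tells users to look for


def host_of(url: str) -> str:
    """Return the lower-cased hostname of a URL, or "" if none can be parsed."""
    # An address typed without a scheme ("www.facebook.com/example") would be
    # parsed as a path, so give it a scheme first.
    if "://" not in url:
        url = "http://" + url
    try:
        host = urlsplit(url).hostname or ""
    except ValueError:  # malformed address
        return ""
    # A trailing dot ("facebook.com.") names the same host.
    return host.rstrip(".").lower()


def is_facebook_url(url: str) -> bool:
    """True only if the hostname is facebook.com or a subdomain of it."""
    host = host_of(url)
    # Comparing against ".facebook.com" (with the leading dot) is what makes
    # "ends in facebook.com" a safe rule: the match must start at a label
    # boundary, not in the middle of a longer name.
    return host == TRUSTED_DOMAIN or host.endswith("." + TRUSTED_DOMAIN)


def check_all(urls):
    """Map each address to the verdict, for reviewing a list of links."""
    return {u: is_facebook_url(u) for u in urls}


# Addresses quoted on this page, plus constructed samples (marked) that
# exercise the edge cases a plain "contains facebook.com" test gets wrong.
SAMPLES = [
    "www.facebook.com/example",                 # from the page: legitimate
    "www.facebook.example.com",                 # from the page: not legitimate
    "en-gb.facebook.com",                       # from the page: legitimate
    "https://www.facebook.com/editaccount.php", # from the page: legitimate
    "http://examplefacebook.com/login.php",     # constructed: no dot boundary
    "http://example.com/www.facebook.com/",     # constructed: name is in the path
    "http://www.facebook.com@example.com/",     # constructed: text before @ is not the host
]

if __name__ == "__main__":
    for url, ok in check_all(SAMPLES).items():
        print(("OK      " if ok else "SUSPECT ") + url)
```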

Facebook has enabled third-party websites to use Facebook’s login and authentication system through a program called Facebook Connect. Facebook Connect allows users to take their Facebook identity, network, and privacy settings with them as they browse and interact with the rest of the Web.

Connect-enabled sites often provide an option to log in to Facebook directly from the site itself. When you see this, you should make sure that the login opens in a separate browser pop-up window, and that the Web address (URL) for the pop-up contains the proper "www.facebook.com" domain. If it does, you’ll know that it’s a legitimate Facebook page and not a phishing attempt, and you can log in safely and securely.

Note: if you’re logged in to Facebook, the Facebook Connect partner site should only ask you to "authorize" that site. http://www.facebook.com/help/?faq=13929

Facebook respects your privacy. We do not distribute your user information to marketers or spammers. You can read more about this in our Privacy Policy. - http://www.facebook.com/help/?faq=12260

If you deactivate your account from the "Deactivate Account" section on the Account page, your profile and all information associated with it are immediately made inaccessible to other Facebook users. What this means is that you effectively disappear from the Facebook service.
However, if you want to reactivate at some point, we do save your profile information (friends, photos, interests, etc.), and your account will look just the way it did when you deactivated if you decide to reactivate it. Many users deactivate their accounts for temporary reasons and expect their information to be there when they return to the service.

If you do not think you will use Facebook again and would like your account deleted, please keep in mind that you will not be able to reactivate your account or retrieve any of the content or information you have added.

If you would like your account permanently deleted with no option for recovery, log in to your account and then submit your request by clicking here. - http://www.facebook.com/help/?faq=12271

