Over the years, readers may have seen fraudulent emails in their spam folders that claimed to be from social media companies. One of those scam messages that appeared to be from Facebook (but was not) had a subject line that read, “Someone tried to log into your account.” The subject line often ended with an 8-digit ID number.
Such Facebook email scams can lead to phishing, identity theft, and other dangerous outcomes. We strongly recommend that you do not click on links in such messages.
The emails often looked like the message below:
Most messages will have a greeting followed by the words: “A user has just logged into your Facebook account from a new iPhone 11 Pro device. We are sending you this email to verify that it is you. We also saw a variant of the post mentioning another device: “iPhone 12 Pro Max”.
However, the social media company does not send messages like these with buttons that say “Report user” and “Yes, me”. This is an email scam.
While the post might appear to be a legitimate email from Facebook, there is a way to find out for sure. Readers can look at the “From” portion of the email to determine if it is from a legitimate Facebook email address. In the case below, it was from a strange email address ending in “secomag.za.com”. We saw another fraudulent email with “tuufisz9capmuourwp75.designclub.uk.com”. None of these addresses are official Facebook email addresses, which means they are a scam.
So what are the official Facebook email addresses? Facebook.com, fb.com, and facebookmail.com are three reliable email accounts owned by Facebook. If readers receive an email that legitimately originates from one of these email addresses, it is not a scam.
For example, Facebook’s help community once confirmed that the [email protected] email address is trustworthy and not involved in scams.
In summary, don’t click any links if you receive the Facebook email scam that claims “someone tried to log into your account”.