What can I do about phishing?
Phishing is a malicious attempt to gain access to your account or record personal information about you by getting you to enter your login or other sensitive information into a fake website. Many scammers try to trick people with fake offers of free, rare, secret or exclusive digital goods (ex: coins, chips, gifts).
When in doubt, type www.facebook.com into your browser to get to Facebook. We also recommend checking official Facebook Pages or app Pages before clicking on any promotions.
Beware of:
  • Messages with misspellings and typos, multiple fonts or oddly-placed accents.
  • Messages that claim to have your password attached. Facebook will never send you your password as an attachment.
  • Mismatched links: When you hover over a link, look at the status bar at the bottom of your browser window, and make sure the link actually goes to the place shown in the email.
  • Messages asking for your personal information. Facebook will never ask you for:
    • Your account password
    • Your social security number or tax identification number
    • Your full credit card number or PIN
  • Messages claiming that your account will be deleted or locked unless you take immediate action.
Keep in mind, you can report phishing emails to phish@fb.com or through the report links that appear throughout Facebook. While we can't respond to every phishing report we receive, we'll use the information you provide to investigate the issue and take action if possible.
You can learn more about suspicious emails and how to avoid scams.
How helpful did you find this answer?