Fake Facebook community standards violation messages & how to spot them

Did you receive a message saying your Facebook page will be disabled because it violates “42 u.s.c. § 1283 (2020) community standards”?

First and foremost: don’t panic. It’s almost assuredly a fake, and it’s a phishing attempt to try to get your Facebook login credentials. The crooks bank on you panicking and not engaging the logical part of your brain. Second, whatever you do, do NOT enter your Facebook login credentials anywhere.

So, with that said, why are these attempts so effective, and what can you do to make sure you don’t become a victim of these scams?

I’ve already written a whole post about these types of messages, which have sadly become prevalent across Facebook, Instagram and even sometimes LinkedIn. If you’re interested, check out my previous post, “Is my Facebook page really disabled?”

To reiterate, here are some key things to look for when evaluating whether a message is legit or fake:

  • Check your Facebook page: Is it still there? Does everything look OK? Are there any warning messages that pop up when you go to your page? If things look OK, they probably are.

  • Check your notifications and your email: Facebook will never ever send you such an account-critical message only by private message. If this message was really from Facebook or its parent company Meta, you would receive the same message via notification (under the “bell” icon in the corner of your page) as well as via email at the email address linked to your Facebook profile.

  • Spelling and grammar mistakes: These types of messages are riddled with spelling issues, grammar mistakes, weird punctuation, odd capitalization, etc. Say what you will about Facebook Support these days, but they do still tend to send legitimate messages that are free of these types of basic issues.

  • Branding: A lot of these messages come from accounts that are titled scary things like “System Admin.” And they have branding where the profile picture is something like a giant caution symbol. These are carefully selected to make you think the accounts are legitimate. But they aren’t.

  • Links: Examine any links within the message with a high level of skepticism. Unless you can verify they go to a real Meta-owned URL, do not click and absolutely do not enter any info. The best bet is to go to facebook.com in your browser and log in there – this way, you know you are legitimately logging in.

  • 42 u.s.c. § 1283 (2020): If you happened to receive the message above about 42 u.s.c. § 1283 (2020) community standards, you should be aware that this particular legal statute has to do with nondiscrimination. It’s not that nondiscrimination isn’t important to Meta, but of all the things Meta will suspend an account for, discrimination is actually pretty low on the list. Things like bullying, harassment and spam are much higher on the radar and much more likely to get your page in trouble.
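The “Links” check above can be partly automated. The following is an added example, not part of the original post: it tests whether a link's real hostname sits inside a Meta-owned domain. The allowlist (only facebook.com is named in the post), the function name and the sample links are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumed allowlist for illustration; not exhaustive, confirm it before relying on it.
META_DOMAINS = {"facebook.com", "fb.com", "meta.com", "instagram.com", "messenger.com"}


def check_link(url: str):
    """Return (trusted, reason) for a link copied out of a message."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".")  # hostname is already lowercased
    except ValueError:
        return False, "malformed URL"
    if parts.scheme != "https":
        return False, "not an https link"
    if not host:
        return False, "no hostname"
    # Everything before '@' is userinfo, not the site the browser will contact.
    if parts.username is not None or parts.password is not None:
        return False, "userinfo before '@' hides the real host"
    # Non-ASCII or punycode labels can render as look-alike letters.
    if not host.isascii() or any(p.startswith("xn--") for p in host.split(".")):
        return False, "internationalized (possible lookalike) hostname"
    # Match on a label boundary so 'notfacebook.com' does not pass.
    for domain in META_DOMAINS:
        if host == domain or host.endswith("." + domain):
            return True, f"host is within {domain}"
    return False, f"{host} is not on the allowlist"


# Constructed sample links (reserved .example names, not real indicators).
SAMPLES = [
    "https://www.facebook.com/help",
    "https://facebook.com.account-review.example/login",
    "https://facebook.com@review.example/appeal",
    "http://www.facebook.com/",
    "https://notfacebook.com/",
    "https://f\u0430cebook.com/",  # Cyrillic 'а' in place of Latin 'a'
]


def classify_samples():
    """Map each constructed sample link to its (trusted, reason) verdict."""
    return {url: check_link(url) for url in SAMPLES}


if __name__ == "__main__":
    for url, (trusted, reason) in classify_samples().items():
        print("TRUSTED   " if trusted else "SUSPICIOUS", ascii(url), "-", reason)
```

A pass only means the link's first hop is a host inside an allowlisted domain; redirects are not followed, so typing facebook.com into the browser and logging in there remains the safer route.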

So what can you do about this? Unfortunately, not much will prevent the messages from rolling in. This comes with the turf for anyone who manages a Facebook page on behalf of a company or brand. As your company’s trusted social media guy or gal, it is your responsibility to be extra diligent and careful. It’s your brand as well as your own personal Facebook profile at stake.

Should you receive such a message, you should absolutely report it as spam and block the sender immediately. For extra insurance, change your personal Facebook password immediately. One thing I can say after decades doing this is that the scammers will always be looking for new ways to get what they want. They are getting smarter. They are getting more sophisticated.

The other thing you can do to help yourself is put the proper defenses in place. That means following the best practices for social media governance and security. Like the nebulous “they” say, the best offense is a good defense, and that is very true of social media security. You can find more than you ever wanted to know about social media governance best practices, including my four essential pillars of good governance, in the Governance portion of my website.

TLDR? Some highlights:

  • You should be using Meta’s Business Manager/Business Suite to manage your Meta-related social media channels and especially who has access to them.

  • You should be carefully monitoring who gets access, and you should limit the number of people who are granted full administrative access to just the few who truly need it (remember admins can remove other admins).

  • Each person with access needs to be educated about the importance of having a strong password for their personal social media accounts, since access to company Facebook pages comes via people’s personal accounts. You can do all the things right from the company side, but if Suzy’s personal Facebook password is “password123,” the result is that the company’s social is very insecure.

Bottom line, the scammers get smarter every day. Even experts like me are occasionally duped by a particularly convincing message. But if you follow the tips above, you should be able to tell the real messages from Meta from the fakes. Just remember, don’t panic and evaluate the situation objectively.
