How to report phishing to Facebook

How to report phishing to Facebook

Facebook phishingFacebook has today announced a new way in which it hopes to combat phishing scams targeting its 955 million users.

In a post to its Facebook Security page, the social network has explained that the public can now report Facebook-related phishing emails directly to the company.

All you have to do is forward the phishing email to the following email address:

Facebook says in its post that by forwarding the message you are helping combat attacks, and could assist in forcing phishing websites offline:

By providing Facebook with reports, we can investigate and request for browser blacklisting and site takedowns where appropriate. We will then work with our eCrime team to ensure we hold bad actors accountable. Additionally, in some cases, we'll be able to identify victims, and secure their accounts.

They don’t say so in their post, but I would imagine that Facebook’s security team would appreciate it if you would forward any phishing messages you receive *with* the full email headers if possible, as that helps determine where the emails have really come from.

Of course, regular Naked Security readers would hopefully never click on a link in an unsolicited email purporting to come from Facebook. Or, at the very least, would have some alarm bells ring and be able to tell that they had reached a *fake* Facebook login page.

For a bit of fun, here is a screenshot of a Facebook phishing webpage. Would you and your friends be able to see why this page is clearly bogus?

Fake Facebook login page

Find out the answers to that puzzle here.

Oh, and if you have the time, don’t forget to learn about how you can explain phishing to your grandma with our free Threatsaurus book.

If you’re on Facebook and want to learn more about spam, malware, scams and other threats, you should join the Sophos Facebook page where we have a thriving community of over 180,000 people.

Hat-tip: Naked Security reader Michael Johnson