Phishing emails claiming to come from “Facebook Security” are once again hitting users’ inboxes, and this time they are aiming for the big fish: pages that are likely to have more followers than a random private user.
According to Hoax-Slayer, the scammy email purports to notify creators of Fan Pages of an “original solution” for keeping their pages safe, but is unfortunately meant to do quite the opposite.
Users who are tricked into initiating this “Fan Page Verification Program” are taken to a bogus Facebook page that asks users to share the URL of their Fan Page, the login credentials and makes them choose a 10-digit number that will purportedly become their “Transferring Code” (click on the screenshot to enlarge it):
After they enter all this information, they are told that they will receive a confirmation email within 24 hours. But this is a smokescreen, and they have just handed the keys to their Fan Pages and a direct path to the fans to the phishers, who can misuse it to send out spam or malicious links to a large number of people that are likely to click on them.