Table of contents
- The phishing threat returns to Facebook
- How the Messenger scam works
- How to protect your Facebook account
- The importance of digital awareness
The phishing threat returns to Facebook
Phishing on Facebook Messenger is back and it’s more sophisticated than ever.
In recent days, CSIRT Italy (Computer Security Incident Response Team) has reported a massive wave of fake security messages designed to steal users’ login credentials and personal data.
The messages exploit the fear of losing one’s account: they talk about “suspicious activity” and possible account suspensions, urging the user to click on a link to “verify security.”
But behind that link lies a fake page, perfectly identical to Facebook’s interface, ready to capture usernames, passwords, and phone numbers.
How the Messenger scam works
Once clicked, the link leads to a fake Facebook page that looks identical to the real one. The victim is asked to enter their username, password, and phone number for a supposed “security verification.”
These details are instantly sent to the attackers, who can log in, change passwords, or use the account for further scams.
To avoid suspicion, the user is redirected to the real Facebook homepage afterward, believing everything is normal.
By combining urgency, authentic design, and technical language, the scammers deceive even cautious users who aren’t well-versed in cyber security.
How to protect your Facebook account
Experts recommend a few simple but essential precautions:
- Never click on suspicious links from messages or emails.
- Always check the sender’s domain: legitimate ones end with facebook.com or meta.com.
- Log in only through official Facebook apps or websites.
- Enable two-factor authentication (2FA) to secure your account even if your password is stolen.
- Report fake profiles and messages to Facebook Support or your local Cyber Police.
In cyber security, awareness is power: one click less can mean one data breach avoided.
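The domain rule from the list above, applied to a link before it is opened, as an added example that is not part of the original article. The sample links are constructed and the HTTPS requirement is an assumption of this example; it shows why the host must equal a trusted domain or end with a dot followed by it, since a plain "ends with" or "contains" test also accepts lookalike hosts.

```python
from typing import Optional
from urllib.parse import urlsplit

# Domains the article names as legitimate.
TRUSTED_DOMAINS = ("facebook.com", "meta.com")


def link_host(url: str) -> Optional[str]:
    """Return the normalized host the link really points to, or None."""
    try:
        parts = urlsplit(url.strip())
        host = parts.hostname  # ignores any "user@" prefix and the port
    except ValueError:
        return None
    # Assumption of this example: only HTTPS links are acceptable.
    if parts.scheme != "https" or not host:
        return None
    return host.rstrip(".").lower()


def is_trusted_link(url: str) -> bool:
    """True only if the host is a trusted domain or a subdomain of one."""
    host = link_host(url)
    if host is None:
        return False
    # Compare on a label boundary: endswith("facebook.com") alone would
    # also accept "notfacebook.com".
    return any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS)


# Constructed sample links, not taken from the CSIRT Italy report.
SAMPLES = [
    "https://www.facebook.com/login",                     # genuine host
    "https://facebook.com.account-verify.example/login",  # trusted name used as a prefix
    "https://notfacebook.com/checkpoint",                 # suffix without a dot boundary
    "https://facebook.com@account-verify.example/",       # trusted name in the userinfo part
    "https://facebo\u043ek.com/login",                    # Cyrillic "o" lookalike
    "http://www.facebook.com/login",                      # not HTTPS
]

if __name__ == "__main__":
    for url in SAMPLES:
        verdict = "trusted" if is_trusted_link(url) else "REJECT"
        print(f"{verdict:8} {link_host(url)!s:40} {url!r}")
```

A link that passes only shows that it points at one of the listed domains; the other precautions in the list, including 2FA, still apply.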
The importance of digital awareness
The Facebook Messenger scam is just the latest example of how criminals exploit users’ inattention.
In an age where everything goes through social media, learning to recognize a phishing attempt is a form of digital literacy.
Whenever you receive an alarming message, pause: if something seems too urgent or “official,” it probably isn’t.
Protecting your data also means protecting your identity.