Other ways to search: Events Calendar | UTHSC

Cybersecurity Tip of the Week – New Facebook-Themed Scam


Most phishing scams take users through a series of hoops to jump through to avoid detection – so much so, that the hoops themselves should serve as a red flag. But in the case of a new Facebook-themed phishing attack documented by security vendor Trustwave, the steps taken are likely so unfamiliar to the victim, that they will be thrown off completely and will simply follow the steps… to give up their Facebook credentials.

The scam starts with a simple enough email from “Facebook” stating “your page has been scheduled for deletion for violating our Community Standards.” The “Appeal Now” link takes users to a Messenger conversation with a chatbot, an online chat application, under the name of “Page Support”. The chatbot requires that the user be logged onto Facebook, prompting the user to log on, and the credentials are stolen. 

Be cautious of any notifications or activities on your accounts. Never log in from a message received, but from saved bookmarks or verified URLs. 

What has been reported to abuse@uthsc.edu this past week?

  • [Ext] Re: (Name of Recipient) – another attempt at spoofing the name of someone on campus to get another employee to buy gift cards
  • [Ext] Receipt order unique # 89B0F6S019 – another auto-renewal scam where the recipient needs to contact the “vendor” to dispute a charge for a service
  • [Ext] Kindly Check Your Payment – same as above, another auto-renewal scam
  • [Ext] your request has been done # GSUSV-63284-HSBSP – and a 3rd auto-renewal scam
  • [Ext] YOUR CONFIRMATION MAIL #J67GHK4GH36J4 – and a 4th auto-renewal scam
  • [Ext] Thank you for your payment – you got it, a 5th auto-renewal scam
  • Email Verify – from a compromised account from a sister University, an attempt to click a link and steal more credentials
  • [Ext] Incoming call with +17576911826 on Tue, Jun 12 – a fraudulent voicemail that did not come from Ring Central

Keep reporting suspicious emails to abuse@uthsc.edu for examination. If you wish to report an incident to the Office of Cybersecurity, use TechConnect.