Facebook copyright scam intensifies, users left stranded

The Facebook copyright infringement scam appears to have intensified, with users reporting being locked out of their accounts with little help from the Meta-owned social media platform to restore their access.

The scam targets Facebook users by sending them fake copyright infringement notices and stealing their credentials. Cybernews first reported on the story, described by Avanan, in January.

While it’s been making the rounds for most of 2023, the scam seems to have grown in scale in recent weeks. Numerous users have reported that they’ve fallen victim to it, losing access to their accounts and receiving little help from Facebook in reinstating them.

Victims reported their accounts being renamed to “Meta Copyright Infringement” and sometimes disabled. Some said that they’d experienced credit card fraud, suffered damages over suspended business accounts, or lost pictures posted over the years as a result.

Others recounted how their hacked accounts were used to share explicit or violent content, with one user saying a picture of two men carrying AK-47 guns was posted on their behalf “written in a language I do not understand.”

Users also complained that they struggled with the appeal process, expressing frustration over the lack of communication from Facebook.

“I've had this account for 16 years and it’s linked to all my business accounts and I cannot use anything. When putting in an appeal using the form it immediately says I cannot review,” one user said in a comment posted to Cybernews.

Another said: “I have deceased family members and thousands of photos and memories I don’t want to lose…Emailed countless Facebook support emails and I haven’t heard anything back! Very frustrating.”

Meta did not respond to repeated requests for comment.

“Lost forever”

Unfortunately, for those who had their accounts taken over and had their photos or other items deleted or removed, there isn’t much that Facebook will be able to do about it, Joe Karasin, head of the Karasin PPC digital marketing company, said.

“I have several clients that have experienced this scam. Facebook has been little help to any of them. If you fall victim to the scam, you can go through the account recovery process, however, any data you gave to the scammers or your photos might be lost forever,” Karasin said.

Time matters if there is financial damage involved – the sooner the victim contacts their bank if they had their credit or debit card number exposed, the easier it will be to recover the damages.

“The best advice I can give is to know that Facebook will not send you a direct message, ever, especially to a personal account. If you are seriously in violation of a copyright issue, it will appear in your notifications, not Messenger, and most likely not in your email,” Karasin said.

Users should also never click on the links in messages from people they don’t know.

“If someone you do know messages you but they seem off, ask them a question only you and they would know the answer to. If they can't answer it, block and report the account immediately,” Karasin said.

In any case, users should report that their account was compromised at facebook.com/hacked, said Gary Huestis of Powerhouse Forensics.

“You should also check your Facebook messages and posts to see if the attacker sent any messages to your friends acting as you or posted any content to try to get more people to fall for this scam,” Huestis said.

To minimize the risk of falling for this type of scam, users should go to Facebook Security Settings to enable login alerts and two-factor authentication.

“As with other types of scams and phishing attacks, pay attention to any emails or messages that ask you to enter your password or provide any security information,” Huestis said.

Convincing scam

The Facebook copyright infringement scam is a phishing attack that primarily targeted organization accounts when research by the cybersecurity company Avanan was released earlier this year.

Users would receive fake copyright infringement notices threatening to terminate or suspend their pages because they didn’t follow Facebook’s Community Standards.

The fake notice would say that a photo uploaded to the account's page violated Facebook's copyright infringement policy and that the decision could be appealed within 24 hours.

The fake notice would press the target to take immediate action to address the issue, a common tactic used in phishing scams.

"If you miss the deadline, your account will be permanently disabled," the message warned, instructing users to follow a link to make an appeal.

While the link looked legitimate, hovering over it made it clear it did not lead to a Facebook-related page, Avanan said at the time. Instead, it led to a credential-harvesting website.

Researchers also noted that the sender's address was visibly fake but said the spoof notice was otherwise "fairly believable."