📝 usncan Note: If You See This Warning, Your Facebook Is Being Hacked
Disclaimer: This content has been prepared based on currently trending topics to increase your awareness.
You have been warned — this is an attack.
NurPhoto via Getty Images
Most people reading this will have a Gmail account and a Facebook account, which makes this a busy week on the security front. Gmail attack warnings are already front and center in most news feeds. And now there’s a new Facebook warning as well.
Courtesy of Kaspersky’s Global Research and Analysis Team, users are being warned that a new threat campaign is disguised as a warning from Facebook itself that your account “has been blocked” or will be suspended after 7 days.
The message includes an “Appeal” button, which links to a “fraudulent support page.” From there you’re ‘tricked into downloading malware disguised as an ‘appeal’ script.”
This is an attack.
Kaspersky
The payload is StealC v2 malware, which can “harvest passwords, cookies, cryptocurrency wallet data, and even access screenshots.” Suffice to say, you really don’t want to give the hackers behind these attacks access to that data on your device.
The attack has started in Asia and is now “likely to begin targeting more countries.” Thus the warning for users in the U.S., Europe and elsewhere to beware the accounts suspension message and the strict instruction not to click that ‘Appeal’ button.
Kaspersky says “cybercriminals often exploit users’ fear of losing account access and a perceived sense of urgency. This pressure can lead individuals to act without caution, increasing the risk of infection by malware such as StealC v2.”
“Phishing attacks can come in many different forms,” Facebook says. “These links may appear harmless, but they can lead you to dangerous or fraudulent websites that look legitimate, where your personal information or login credentials can be stolen.”
Do not click this button.
Kaspersky
This malware is a 2025 evolution on the original StealC, and “significantly enhances the malware’s capabilities and elevates the risk to both individual and corporate users.”
Kaspersky’s advice is simple and extends across the board, not just for this latest malware campaign that has been caught in the act:
“Look for urgency or threats. Phishing attempts frequently try to create a sense of urgency or fear. Be cautious of emails demanding immediate action, such as changing a password or providing personal information.” And always “verify unsolicited messages, calls, or links, even if they appear legitimate, and never share 2FA codes.”
This is the latest such attack, and follows a similar warning last month. Facebook’s advice if your account is hacked can be found here.
