28/08/2022
This is the fifth time in a little less than a fortnight that the maintainer of this page is faced with a phishing attempt of this kind and reported it to Facebook. Although the approach is fairly unsophisticated and its goal not hard to “rumble”, a distracted page admin might not get suspicious and still fall for it on the spur of the moment. So what's taking Facebook so long to get this under control?
These posts follow a shock-and-awe strategy by including tags for up to 40 pages that are clumsily hidden out of the initially collapsed post's display range, and try to create the impression of an official Facebook department having taken down all of those pages' content due to an alleged violation of community standards:
“Dear page admin.
You need to declare your page because we have found that some activity violates Facebook community policies.
For your protection, your page has been hidden from Facebook users and deactivated.
Click on the following link to confirm that you are the account holder: [clumsily contrived tinyURL link]
According to Facebook Community Standards, you have 24 hours to complete these steps before your account is permanently disabled.
Thank you for helping us improve the way we maintain Facebook.
Sincerely
The Facebook Community Standards team.”
The pages responsible for these half-baked yet annoying phishing attacks all share a common naming convention with just the 10-digit “serial” number varying, and slight variations in the profile image (which probably points to several independent culprits applying the same, concerted strategy) Expecting experienced page admins to click on a link that's not within the official Facebook domain is bold, but occasionally one might carelessly do so when distracted by other more important things that don't even leave time to verify the equally bold but easy to debunk claim that “your page has been hidden from Facebook users”.
Hopefully Facebook will do away with this nuisance soon.