Subject: <\/strong>Notification of Account Suspension<\/p>\n\n\n\n
![\"\"](\"https:\/\/blogs.pugetsound.edu\/infosec\/files\/2023\/04\/4-1-23-meta-account-suspension-phish-1024x535.png\")
<\/figure>\n\n\n\nTips for Detection<\/h2>\n\n\n\n- The sender\u2019s email address was from [@]metaforbusiness-support[.]com (which is not a valid FB\/Meta domain). Always double-check the sender\u2019s email address and don\u2019t solely rely on the display name.<\/li>
- The email had a generic greeting (e.g. Dear User or Dear Administrator).<\/li>
- The email tries to induce fear that your email service will be removed after 24 hours. Don\u2019t be misled by the sense of urgency!<\/li><\/ul>\n\n\n\n
Text of Phishing Message <\/h2>\n\n\n\n
From:<\/strong> Meta for Business <appeal-form[@]metaforbusiness-support[.]com>
Subject: <\/strong>Notification of Account Suspension<\/p>\n\n\n\nDear Administrator of [department name<\/em>] | Tacoma WA, <\/p>\n\n\n\nWe regret to inform you that your account on our platform has been suspended due to a violation of our terms of service. We take our policies seriously in order to ensure a positive and safe experience for all of our users. <\/p>\n\n\n\n
We understand that this may have been an unintentional mistake on your part, and we would like to provide you with an opportunity to appeal this decision. If you believe that your account has been suspended in error, please submit an appeal by clicking on the “Submit” button below. <\/p>\n\n\n\n
Submit [link removed<\/em>]<\/p>\n\n\n\nPlease note that the review process can take up to [insert time frame] to complete. We appreciate your patience and cooperation in this matter. <\/p>\n\n\n\n
If your appeal is successful, your account will be reinstated and you will be able to resume using our platform. If your appeal is not successful, your account will remain suspended. <\/p>\n\n\n\n
Thank you for your understanding and for your commitment to our policies. <\/p>\n\n\n\n
Best regards, Facebook Team<\/p>\n","protected":false},"excerpt":{"rendered":"
Original Phishing Message From: Meta for Business <appeal-form[@]metaforbusiness-support[.]com>Subject: Notification of Account Suspension Tips for Detection The sender\u2019s email address was from [@]metaforbusiness-support[.]com (which is not a valid FB\/Meta domain). Always double-check the sender\u2019s email address and don\u2019t solely rely on the display name. The email had a generic greeting (e.g. Dear User or Dear Administrator). […]<\/p>\n","protected":false},"author":643,"featured_media":1064,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[3,4],"class_list":["post-1062","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-phish-tank","tag-phishing","tag-phishtank"],"_links":{"self":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/1062","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/users\/643"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/comments?post=1062"}],"version-history":[{"count":2,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/1062\/revisions"}],"predecessor-version":[{"id":1066,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/1062\/revisions\/1066"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media\/1064"}],"wp:attachment":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media?parent=1062"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/categories?post=1062"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/tags?post=1062"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
Text of Phishing Message <\/h2>\n\n\n\n
From:<\/strong> Meta for Business <appeal-form[@]metaforbusiness-support[.]com> Dear Administrator of [department name<\/em>] | Tacoma WA, <\/p>\n\n\n\n We regret to inform you that your account on our platform has been suspended due to a violation of our terms of service. We take our policies seriously in order to ensure a positive and safe experience for all of our users. <\/p>\n\n\n\n We understand that this may have been an unintentional mistake on your part, and we would like to provide you with an opportunity to appeal this decision. If you believe that your account has been suspended in error, please submit an appeal by clicking on the “Submit” button below. <\/p>\n\n\n\n Submit [link removed<\/em>]<\/p>\n\n\n\n Please note that the review process can take up to [insert time frame] to complete. We appreciate your patience and cooperation in this matter. <\/p>\n\n\n\n If your appeal is successful, your account will be reinstated and you will be able to resume using our platform. If your appeal is not successful, your account will remain suspended. <\/p>\n\n\n\n Thank you for your understanding and for your commitment to our policies. <\/p>\n\n\n\n Best regards, Facebook Team<\/p>\n","protected":false},"excerpt":{"rendered":" Original Phishing Message From: Meta for Business <appeal-form[@]metaforbusiness-support[.]com>Subject: Notification of Account Suspension Tips for Detection The sender\u2019s email address was from [@]metaforbusiness-support[.]com (which is not a valid FB\/Meta domain). Always double-check the sender\u2019s email address and don\u2019t solely rely on the display name. The email had a generic greeting (e.g. Dear User or Dear Administrator). […]<\/p>\n","protected":false},"author":643,"featured_media":1064,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[3,4],"class_list":["post-1062","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-phish-tank","tag-phishing","tag-phishtank"],"_links":{"self":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/1062","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/users\/643"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/comments?post=1062"}],"version-history":[{"count":2,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/1062\/revisions"}],"predecessor-version":[{"id":1066,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/1062\/revisions\/1066"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media\/1064"}],"wp:attachment":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media?parent=1062"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/categories?post=1062"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/tags?post=1062"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
Subject: <\/strong>Notification of Account Suspension<\/p>\n\n\n\n