Facebook Security is the official Facebook page that the site uses to provide user-friendly security information that is particularly relevant to its users. However, it is now being used in phishing attacks.
Spammed messages purportedly from Facebook Security are being sent to Facebook users. According to the message, the user’s account has been found to be suspicious and has been blocked. Facebook Security’s account was either accessed from an unknown location or was abused. The message then asks the user to verify and unblock the account by going to a site that turned out to be a phishing page:
Another way users are targeted are via fake Facebook Security profiles. Many profiles seemed to have been registered by Facebook Security with diacritic marks inserted.
As is in this case, be careful about opening messages and websites, even if they supposedly come from official sources such as Facebook Security. One can see that the messages and websites contained several glaring errors in grammar and punctuation–a common issue for phishing attacks in general, and something that should warn users that the site they’re visiting is not legitimate.