The “Science Services” Facebook scam is a sophisticated phishing technique targeting unsuspecting Facebook users. This scam aims to steal login credentials and hijack valuable Facebook pages from page administrators.
In this comprehensive guide, we will break down exactly how the Science Services Facebook scam operates, who is vulnerable, and most importantly, how you can identify and avoid falling victim to it.
What is the Science Services Facebook Scam?
The Science Services scam is a phishing technique that uses fake security warnings purportedly from Facebook Support. These messages claim the recipient’s account is violating Facebook’s terms or is at risk of being disabled.
To “resolve” this fabricated violation or deactivation risk, the messages provide a link for the user to “verify” their account. However, this link does not lead to Facebook, but rather a fake login page controlled by the scammers.
Once users enter their Facebook login details, the scammers gain full access and can completely compromise both personal profiles and any pages managed by the victim.
How Does the Science Services Scam Work?
The Science Services Facebook scam employs meticulous social engineering tactics to dupe users into handing over their login credentials. Here is an in-depth look at how this scam unfolds:
1. Receiving an Unsolicited Message
The scam begins when the target receives an unprompted Facebook message in their inbox. This message appears to originate from an account called “Science Services”.
The sophisticated scam uses the account name, Facebook logo as the profile picture, and terminology like “Copyright Violation” or “Community Standards Violation” in the subject line to seem official.
In reality, this message is not associated with or distributed by Facebook in any way. Any communication from “Science Services” should be treated as highly suspicious.
2. Threat of Account Deactivation
The content of the phishing message threatens that the recipient’s account is at risk of being disabled. Some examples of scare tactics used include:
- Claiming the account violated Facebook’s terms of service or community standards
- Stating prohibited copyrighted content was shared
- Alleging offensive or dangerous content was recently posted
- Warning the account will be deactivated within 24 hours
Of course, the recipient has not actually done anything wrong, but this threat triggers fear intended to trick the user into revealing their login information.
3. Providing a Link to “Verify” the Account
After claiming the account is in jeopardy, the scam message supplies a link supposedly to verify or validate the account with Facebook.
Typical text used includes:
- Click here immediately to confirm your account
- This verification link must be used to avoid deactivation
- Follow this link and login to confirm your account status
However, the link redirects to a fake Facebook login page operated by the scammers, not any real account validation.
4. Redirecting Users to a Convincing Phishing Page
When users click the link, it takes them to a website styled and designed to mimic Facebook’s real login page exactly.
The scam puts painstaking effort into copying the design, logo, dashboard image, and wording to seem completely legitimate. However, upon closer inspection the URL clearly shows it is not Facebook’s website.
The fake page prompts the user to enter their username and password “to confirm their account”. In actuality, any details entered are delivered directly to the scammers.
5. Unwittingly Providing Login Credentials
Because the fraudulent Facebook login page is a near carbon copy of the real one, most users instinctively enter their information when asked without suspecting anything is amiss.
Since people login to Facebook regularly, this technique is highly effective at capturing credentials. After the target enters their username and password, the data is transmitted to the scammers.
6. Scammers Gain Full Account Access
With the user’s login credentials in hand, the scammers can now access the victim’s Facebook account just as if they were the legitimate account holder. They have everything needed to impersonate the user online.
Any personal information, messages, connected accounts, friends list, and critically any Facebook pages administered by the compromised user are now under the scammer’s control. This provides them access to a wide audience using the victim’s identity.
7. Changing Account Details to Lock Out Users
Once inside the hijacked account, the first action scammers take is changing key details like the password, contact email address, and security settings.
This is done to block the actual user from regaining access, solidify their control, and prevent the legitimate owner from quickly recovering the account. The scammers essentially lock out the user from their own account.
8. Impersonating the Victim for Further Scams
With full access and the ability to impersonate the compromised user, the scammers can now enact additional schemes leveraging the victim’s friends and followers. Some examples include:
- Spreading links that download malware or steal further data
- Running cons by posing as the victim and targeting their connections
- Posting inappropriate content to damage the user’s reputation
- Using pages and the stolen identity to scam followers and spread misinformation
- Accessing connected accounts like email or financial accounts for identity theft
As evidenced above, the Science Services scam utilizes social engineering and psychological tactics to manipulate users into surrendering their login information. If you do not recognize it as a scam, it can be easy to fall victim. Now that you understand the scam process, you can spot these messages and avoid being deceived.
Who Does the Science Services Scam Target?
While anyone with a Facebook account could potentially receive Science Services scam messages, they primarily target two specific groups:
1. Administrators of Popular Facebook Pages
A major goal of the scam is hijacking pages with large followings. These pages with established audiences and brands are highly valuable to scammers. They can use the influence and reach to perpetrate additional cons.
So page admins, especially of pages with thousands or millions of followers, are prime targets for Science Services scam messages.
2. Everyday Facebook Users
Though not the primary targets, regular everyday Facebook users may also receive Science Services scam messages in their inboxes.
The scammers likely mass message numerous users in hopes some will fall for it. They will happily take over any account they can compromise, even if not a high-profile page admin.
Essentially, anyone with a Facebook account could potentially be targeted by this scam. But pages with large established followings are the ultimate prize for these fraudsters.
Where Do the Scam Messages Originate From?
The phishing messages appear to originate from an account named “Science Services”. This vague official-sounding name is completely fabricated to sound like a real Facebook service or department.
The account uses Facebook’s logo and images to boost its legitimacy. However, it is in no way truly associated with or endorsed by Facebook. Any communication from this “Science Services” account should be treated as suspicious.
Why Facebook Users Are Vulnerable to This Scam
There are a few key reasons everyday Facebook users can fall prey to the manipulative Science Services scam:
Trust in Facebook’s Brand
Facebook is a ubiquitous platform that billions trust to connect with friends and stay updated. Users tend to inherently trust communications that appear to come from Facebook or use their official branding.
Unfortunately, scammers exploit this innate trust people have in the Facebook name and image. The scam messages leverage the brand users already see as credible.
Habit of Regularly Logging Into Facebook
Many Facebook users are extremely accustomed to logging into their accounts frequently on a daily basis. The fake Facebook login page mirrors this familiar experience.
When users see the normal login prompt, they enter their details without thinking twice out of habit. People’s login routine aids the scam.
Fear of Losing the Account
No one wants to lose their main connection to friends and family online. The scam triggers strong emotions by threatening account deactivation, making users act fast to “save” their profile without considering it could be a con.
Fear motivates people to provide their login info, which is exactly what the scammers want.
Lack of Caution for Facebook Messages
Unlike emails which people know to treat carefully, messages inside Facebook from other users or pages don’t raise the same skepticism.
People tend to be less cautious when it comes to unsolicited Facebook messages. This allows the scam message to more easily gain trust.
With an understanding of why even savvy users can be fooled, it becomes clear how vital awareness of this scam is to staying secure.
How to Identify the Science Services Facebook Scam
Recognizing the telltale signs of the Science Services scam is key to avoiding falling prey to it. Here are the red flags to watch for:
Sender Name of “Science Services”
Messages coming from this dubious account name are the smoking gun of this scam. Legitimate Facebook communications will be from “Facebook” or specific support teams, never this sketchy name.
Threats of Account Deactivation
Scam messages will nearly always state your account violates policies or is at risk of deletion. Facebook does not typically threaten this without prior communication and providing resolution options.
Links to Verify the Account
Messages will contain a link claiming to help you validate your account with Facebook to prevent the supposed deletion. The link goes to a phishing site controlled by scammers, not any real verification.
Login Pages with Slightly Different URLs
The link redirects to a login page styled exactly like Facebook, but on closer inspection the URL clearly shows it is not Facebook’s site. Watch for odd spellings or repetitions of letters.
Requests to Login or Enter Credentials
Facebook would never message you out of nowhere demanding you login or provide your password or other credentials. Any such unprompted messages are highly dubious.
Poor Spelling and Grammar
While not a guarantee of a scam, messages littered with typos, spelling mistakes, strange phrasing, and broken grammar should make you skeptical. Scammers tend to be foreign and lack fluency.
Stay vigilant for any communications from “Science Services” or displaying these characteristics. Never enter your login information unless visiting Facebook directly yourself. When in doubt, contact Facebook Support to confirm if any messages are legitimate before taking action.
What to Do If You Fall Victim to the Science Services Scam
If you unfortunately submitted your Facebook login credentials through the fake verification page, the scammers now have access to your account. Here are the steps you should take immediately:
1. Change Your Password from a Secondary Device
The top priority is changing your password as soon as possible before the scammers do. Do not try to reset the password using the same device, as it could already be compromised by malware. Use a different trusted device like your phone or a friend’s computer.
Change your password to something completely new that the scammers could not guess or uncover easily. Enabling two-factor authentication provides an extra layer of security on top of a strong password.
2. Remove Any Unknown Connected Apps
In your Facebook settings, look at the list of apps and sites connected to your account. The scammers may have linked tools to maintain access. Unlink anything unfamiliar.
Revoking permissions stops potential backdoors into your account. Only keep apps you know you authorized and recognize.
3. Run Anti-Virus Scans for Malware
The fake Facebook login page you visited could have downloaded malware onto the device used without your knowledge. Download anti-virus software like Malwarebytes and run full system scans to uncover anything malicious.
Removing any malware prevents the scammers from monitoring you or accessing your new password. Keep all software up-to-date and scan regularly.
4. Report the Scam to Facebook
Facebook provides forms to report compromised accounts. Provide details on how your account was phished so Facebook can investigate and enhance protections.
You may also want to proactively contact Facebook Support via chat or email to speed up recovering your account fully.
5. Change Passwords on Any Connected Accounts
Chances are your Facebook account is linked in some way to other accounts like email, Instagram, Amazon, etc. To be safe, change your passwords on any accounts connected to your compromised Facebook. Enable two-factor authentication wherever possible for enhanced security.
6. Use Facebook’s Account Recovery Steps
If the scammers locked you out by changing your password, Facebook offers an account recovery process. You’ll need to provide information like associated email addresses, locations you logged in from, etc. Facebook should be able to verify your real ownership.
7. Alert Friends and Followers
Let your Facebook friends and any followers of your pages know your account was compromised. Warn them to be wary of any odd messages or posts made after the scam took over. Those actions do not originate from the real you.
Also suggest they strengthen their own account security settings and watch for suspicious login activity. The scammers may target more of your network.
How to Report the Science Services Facebook Scam
If you receive a scam message from “Science Services” or have your account compromised, you should report the incident both to Facebook and the authorities. Here is how to properly report:
Report Suspicious Messages to Facebook
If you receive a phishing message but did not fall victim, you can report the message directly to Facebook through their reporting channels. Provide details like the “Science Services” account name, content of the scam message, and any other relevant information.
Use Facebook’s Hacked Account Form
If your account was successfully phished and hijacked, use Facebook’s “My Account Has Been Hacked” form. Submit details on how and when your account was accessed without authorization so Facebook can investigate.
File a Complaint with the FTC
You can also file a complaint with the Federal Trade Commission (FTC) regarding the Science Services scam. The FTC helps track down and prosecute scams operating online.
Reporting online crimes aids law enforcement in combating fraud.
The more individuals who report the Science Services Facebook phishing scam when encountered, the sooner this con can be shut down. Do your part to create a safer, more trustworthy environment on social media.
How to Avoid Falling Victim to the Science Services Scam
Avoiding cybersecurity threats requires vigilance as well as proactively taking steps to secure your online presence. Here are key tips to protect yourself from the Science Services and other Facebook scams:
Enable Two-Factor Authentication
Two-factor authentication adds a second step to logging in, such as requiring a code from your phone. This prevents scammers from accessing your account even if they have your password. Two-factor authentication is a must for Facebook.
Use Unique Passwords
Never reuse the same password across multiple sites or accounts. If your login credentials are compromised anywhere, unique passwords prevent scammers from accessing all your other accounts.
Keep Software Updated
Always keep your devices, apps, browser, anti-virus, and operating system up-to-date and patched. Updates contain vital security fixes that block scammers from exploiting vulnerabilities. Enable auto-updates where possible.
Check Connections Frequently
Regularly review the list of apps and sites connected to your Facebook account. Remove any you don’t remember approving. This denies scammers potential backdoors into your account.
Use Caution with Links
Never login through an unsolicited link, even if it appears to come from Facebook. Hover over links to inspect their real destination. Only login directly through Facebook’s official website which you manually navigate to yourself.
Secure Social Media
On all your social media platforms, only accept follow requests and messages from people you know. Use privacy settings to limit your online exposure and data access. Report anything suspicious.
Run Anti-Virus Scans
Download a reputable anti-virus program and perform regular scans of your devices to detect potential malware, spyware, or other infections. This protects you from viruses that scam links may install.
Staying vigilant against the latest phishing techniques and having robust security habits are the best defenses against Facebook scams. Share information on scam awareness with your friends and community as well. The more prepared social media users are, the less power these frauds have.
Also beware scams like
- Elon Musk Energy Saving Device Scam
- IDP Administrator Email Scam
- Bittrex Email Scam
- Peacock Data Sharing Class Action Lawsuit Scam
- & Papaya Ltd Review
Frequently Asked Questions About the Science Services Facebook Scam
Here are answers to some commonly asked questions regarding the “Science Services” phishing scam targeting Facebook users:
What is the Science Services scam?
This is a phishing technique that sends users fake security warnings claiming their Facebook account is at risk to trick them into providing their login credentials through a scam link that looks like Facebook’s login page but actually steals the entered information.
Who is behind the Science Services scam?
The messages come from a fabricated account named “Science Services” designed to sound like a legitimate Facebook security service. Facebook confirms it is completely unaffiliated. The true source of the scam is unknown.
How does the Science Services scam work?
It sends threatening messages warning your account will be disabled. It provides a “verification” link to a fake Facebook login page. Without realizing it is phishing, you may enter your username and password, allowing scammers to steal your credentials and access your account fully.
What is the end goal of this scam?
The main objectives are hijacking accounts with large audiences and followers. This allows the scammers to perpetrate additional cons leveraging the reach of compromised high-profile accounts.
Who does the Science Services scam target?
It primarily targets Facebook page administrators, especially of pages with thousands or millions of followers. But regular everyday Facebook users may receive scam messages as well, as the scammers will hijack any account they can.
How can I avoid this scam?
Never login through links in unsolicited messages, no matter how official they appear. Only login through Facebook’s real app or website. Enable two-factor authentication for enhanced security. And report any unusual messages to Facebook.
What should I do if my account is compromised?
If you entered your details, immediately change your password from a different, uncompromised device. Remove any unknown connected apps, run anti-virus scans, report the issue to Facebook, and warn your friends not to interact with the hijacked account.
How can I report the Science Services scam?
Report any scam messages or account impacts directly to Facebook through their reporting channels. Also file a complaint with the FTC to to aid law enforcement in combating this fraud.
How can Facebook users unite against scams?
With over 2.9 billion users, the Facebook community has immense power if people unite against threats like phishing. Through activism, education, reporting, and applying public pressure, users can force significant change and demand greater protections.
Wrapping Up
The “Science Services” Facebook scam represents a dangerous phishing threat all users should be aware of. This scam employs social engineering tactics and faked security warnings to steal login credentials and hijack valuable accounts.
By understanding how phishing techniques work and recognizing common ploys like claims of policy violations and fake account verification links, Facebook users can avoid compromising their profiles. Always visit Facebook directly yourself rather than through unsolicited links.
If you unfortunately fall victim to this scam, act swiftly to change passwords, remove connected apps, run anti-virus scans, notify Facebook, and warn your friends not to interact with the hijacked account. Report all scams thoroughly and help spread awareness to fellow users.
With vigilance and proper security habits, the power of these phishing scams can be diminished. Through education and united action, the Facebook community can also pressure for positive change and demand increased safety measures.
By learning the techniques scammers use and helping each other stay informed of new threats, Facebook users worldwide can work together to create a more trustworthy and secure social space free of predatory frauds.