Focused guide

Fake Software Update Scams on Facebook

Scammers use Facebook ads, posts, and Messenger to push fake app or browser updates that install malware instead of genuine patches.

Part of: Fake Software Update Scams

Last reviewed: 1 June 2026

On Facebook a fake update scheme can surface as an ad for a 'must-have' app upgrade, a post warning that your browser is outdated, or a Messenger message claiming you need a plugin to view content. The social context makes the prompt feel routine.

Genuine updates come through the application or official store, not via Facebook ads, links, or Messenger downloads. Scammers exploit the platform's reach and the universal habit of accepting updates to disguise malware as a necessary upgrade.

How this scam works on Facebook

You encounter an ad or post claiming your browser, video player, or app is out of date and offering a download, or a Messenger message says a 'plugin update' is needed to open a shared file or video.

The download is malware dressed as an update — it may steal data, hijack accounts, or install a remote-access tool. The familiar look of an update prompt and the curiosity to view content combine to prompt installation.

Messages from hacked accounts make the prompt seem to come from a trusted friend, lowering the victim's guard further.

Common red flags

A Facebook ad or post says your browser or app is out of date and offers a download
A Messenger message claims you need a plugin update to view content
The download comes from a link rather than the app or official store
The prompt appears to come from a friend's possibly hacked account
You are urged to install quickly to keep using a service
The download is an executable file

How to protect yourself

Install updates only through the app itself or the official app store
Never download an 'update' from a Facebook ad, post, or Messenger link
Be sceptical of plugin prompts needed to view shared content
Verify with a friend separately if an update prompt seems to come from them
Enable automatic updates from the genuine source where possible
Report the ad or page and block the account within Facebook

How to report it

Use Facebook's 'Report' tool on the ad, post, or Messenger chat
Report the impersonation to the software vendor via its official site
File a report with your national fraud or cybercrime reporting centre

Frequently asked questions

A Facebook message says I need a plugin update to watch a video — is it safe?

No. Legitimate content does not require you to install a plugin from a Messenger link. Such prompts deliver malware. Update software only through the app or official store, and verify any message from a friend separately.

How this scam works on Facebook

You encounter an ad or post claiming your browser, video player, or app is out of date and offering a download, or a Messenger message says a 'plugin update' is needed to open a shared file or video.

Messages from hacked accounts make the prompt seem to come from a trusted friend, lowering the victim's guard further.

Common red flags

A Facebook ad or post says your browser or app is out of date and offers a download

A Messenger message claims you need a plugin update to view content

The download comes from a link rather than the app or official store

The prompt appears to come from a friend's possibly hacked account

You are urged to install quickly to keep using a service

The download is an executable file

How to protect yourself

Install updates only through the app itself or the official app store

Never download an 'update' from a Facebook ad, post, or Messenger link

Be sceptical of plugin prompts needed to view shared content

Verify with a friend separately if an update prompt seems to come from them

Enable automatic updates from the genuine source where possible

Report the ad or page and block the account within Facebook

Frequently asked questions

A Facebook message says I need a plugin update to watch a video — is it safe?