Fake Subscription Renewal Phishing on Facebook
Phishing messages impersonating Facebook or Meta billing warn users that their account or Page subscription is at risk, directing them to credential-harvesting sites disguised as Meta login pages.
Part of: Fake Subscription Renewal Phishing
Last reviewed: 1 June 2026
Facebook's business products — including Meta Business Suite, Ads Manager, and Page subscriptions — generate routine billing communications. Phishing operators replicate these communications precisely, targeting both personal users and business owners who manage Pages or ad accounts.
Business page administrators are a particularly high-value target because compromised ad accounts can be used for fraudulent ad spend — attackers gain both credentials and access to live payment methods linked to the ad account.
How this scam works on Facebook
A message arrives by email, Facebook notification, or Messenger from an account claiming to be Meta Support, warning that a subscription payment has failed or that the user's Page is scheduled for restriction. The message contains a link to 'verify your payment information'. The link leads to a fake Meta login page.
For business owners, the phishing message may threaten ad account suspension due to a billing dispute, creating urgency proportional to the business's advertising spend. Attackers also use fake Facebook Ads invoices sent by email as the entry point.
Common red flags
- Facebook notification or email warning your Page or ad account will be suspended for non-payment
- Sender email is not from @meta.com or @facebook.com
- Link in the message leads to a domain other than facebook.com or meta.com
- Message pressures you to act within a few hours to avoid account loss
- Fake Facebook notification appearing in your feed from an account with 'Meta' or 'Facebook' in its name
- Login page looks like Facebook but the browser address bar shows a different domain
How to protect yourself
- Go to facebook.com/settings or business.facebook.com directly to check your actual billing status
- Never log in to Facebook through a link in an email or Messenger message — go directly to the site
- Enable two-factor authentication on your Facebook and Meta Business accounts
- Regularly audit which email addresses are authorised to receive billing notices for your business
- If you manage ad accounts, use Meta's account-level security alerts to monitor login activity
How to report it
- Report the message or account in Facebook using the 'Report' option in the three-dot menu
- Forward phishing emails impersonating Meta or Facebook to [email protected]
- Report to the Anti-Phishing Working Group at [email protected]
Frequently asked questions
Does Facebook contact users about billing through Messenger?
No — Meta communicates billing and policy issues through your account's Support Inbox at facebook.com/settings and by email to your registered address. A Messenger message about billing is always a phishing attempt.