Giveaway DM Takeover Scams on Facebook
Fake prize notifications sent via Facebook Messenger direct recipients to phishing portals that capture login credentials, leading to immediate account takeover that spreads the same scam to the victim's entire contact network.
Last reviewed: 1 June 2026
Facebook Messenger giveaway scams are among the most virally efficient account takeover methods on the platform. Once a single account is compromised, the scam can reach hundreds of that user's friends through Messenger within minutes, each message appearing to come from a trusted source.
The combination of a recognisable sender, a tempting prize, and a plausible-sounding verification step makes the attack effective even against users who are otherwise cautious about online fraud.
How this scam works on Facebook
A compromised Facebook account sends Messenger messages to all contacts announcing a sponsored giveaway — often referencing a well-known brand — and including a link to claim the prize. Recipients who click find a convincing Facebook-styled login page requesting their credentials to verify eligibility.
After credentials are entered, the attacker locks the new victim out and sends the same message to their contact list. The attack thus propagates geometrically until accounts are suspended or enough users ignore or report the messages.
Variants use Facebook ads rather than Messenger: sponsored posts promoting a giveaway are shown to targeted audiences, and the ad's landing page captures credentials under the guise of a prize registration.
Common red flags
- Messenger message from a Facebook friend about a prize or giveaway with a link
- Prize claim link directing to a login page outside facebook.com
- Request to enter your Facebook username and password to verify prize eligibility
- Sponsored Facebook ad promoting a giveaway that requires a separate site login
- Multiple messages from different contacts about the same giveaway in a short period — a sign the scam is actively propagating
How to protect yourself
- Enable Facebook two-factor authentication to slow down the attacker even if your password is obtained
- Never log in to Facebook on any site other than facebook.com — verify URLs before entering credentials
- Alert your contacts via another channel if your account is taken over so they can ignore the fraudulent messages
- Report the fake giveaway message and any associated link to Facebook
- If your credentials were phished, change your Facebook password immediately and log out all other sessions
- Turn off Messenger link previews and be sceptical of any message containing an external link, even from friends
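The "verify URLs before entering credentials" step above can be made mechanical by comparing the link's host, not its visible text, against facebook.com. The following Python sketch is an added example, not code from Facebook or from this page's author; the function name check_login_url and the sample links are constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption for this example: the only genuine login domain is facebook.com,
# as stated above. Subdomains such as www. or m. are accepted.
TRUSTED_DOMAIN = "facebook.com"

def check_login_url(url):
    """Return (trusted, reason) for a link that leads to a login form."""
    # Browsers treat "\" like "/" and drop control characters; Python does not,
    # so refuse such URLs rather than risk parsing them differently.
    if any(c == "\\" or ord(c) <= 0x20 or ord(c) == 0x7F for c in url):
        return False, "backslash, space or control character in URL"
    try:
        parts = urlsplit(url)
        host = parts.hostname  # drops any user@ prefix and :port, lowercases
    except ValueError:
        return False, "malformed URL"
    if parts.scheme != "https":
        return False, "not https"
    if not host:
        return False, "no host"
    host = host.rstrip(".")
    # Match on a label boundary: "notfacebook.com" and
    # "facebook.com.prize-claim.example" must both fail.
    if host == TRUSTED_DOMAIN or host.endswith("." + TRUSTED_DOMAIN):
        return True, "host is " + host
    return False, "host is " + host + ", outside " + TRUSTED_DOMAIN

# Constructed sample links (not taken from any real campaign).
SAMPLES = [
    "https://www.facebook.com/login",
    "https://facebook.com.prize-claim.example/login",
    "https://facebook.com@prize-claim.example/login",
    "https://notfacebook.com/login",
    "http://www.facebook.com/login",
    "https://prize-claim.example\\@facebook.com/login",
]

if __name__ == "__main__":
    for link in SAMPLES:
        ok, why = check_login_url(link)
        print(("OK   " if ok else "STOP ") + link + "  (" + why + ")")
```

Only the first sample passes: the others put "facebook.com" in a subdomain, in the user@ part, or inside a longer name, all of which look plausible at a glance but resolve to a different host.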
How to report it
- Report the compromised account sending the scam messages using Facebook's 'Report account' function
- Alert the genuine account owner through an independent channel so they can begin recovery
- Report phishing URLs to your browser's safe-browsing provider and to Facebook's phishing team
Frequently asked questions
How do I know if my Facebook account has been used to send giveaway scam messages?
You will often hear from concerned friends first. You can also check your Messenger sent folder for messages you do not remember sending, and review Facebook's Security and Login log for any unusual activity. If your account has been sending scam messages, change your password immediately and check for added administrators, apps, or changed contact details.