The message claims that the users' account has been reported for violating "policies that are considered annoying or insulting Facebook users," and that they have to "reconfirm" their account within 24 hours if they don't want it to be disabled.
Users who follow the link, they are taken to a website that has nothing to do with Facebook and are urged to complete the "security check":
Then, step by step and page by page, they are asked to fill out a variety of forms with information such as name, address, date of birth, email, email password, Facebook password, credit card number and type, expiration date, security code, and billing address:
Those users who have fallen for this very thorough phishing scheme will, among other things, get their Facebook accounts hijacked and used to spread the malicious message to their own Facebook friends, GFI notes.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.