The scam message reads (unedited):
Notification: Your Account will be Disabled!
Account FACEBOOK you have already been reported by others about the abuse of account, this is a violation of our agreement and may result in your account is disabled. Please verify your email account to unblock and help us do more for security and convenience for everyone.
Immediately do recover your Facebook account, by clicking on the link below:
If you ignore this message, we can not recover your account and your account will be permanently disabled.
Sorry to interrupt your convenience.
The Facebook Team
Umawing added in his blog post:
Once a user entered the credentials that were requested and clicked “Log In,” data is posted to recovery.php, and then users are redirected to this payment page, which asks for his/her full name, credit-card details and billing address.
We have no idea why all of a sudden the account that claims to be a legitimate entity from Facebook is asking for a form of monetary compensation for the recovery of accounts. Perhaps that is what the phishers meant when they said, “help us do more for security and convenience for everyone.”
If you see posts on your feed that appear similar to the Facebook post we discussed here, whether it continues to bear the same URL or not, it’s best to ignore it and warn your network about an ongoing spam campaign.
Readers: Have you seen any similar messages?