There’s a concerning issue going on at Facebook right now, with hundreds of users being spammed with “account recovery code” emails for password reset attempts. And whileFacebook accounts getting hackedand disabled is nothing new, these emails are hitting multiple users in waves.
You’re not alone if you received a “Facebook account recovery code” email or several over the last 48 hours. After several family members reached out saying something similar, a quick look onReddit confirmsthey’re not the only ones.
One user on Reddit posted that someone keeps trying to reset their Facebook password, but thanks to two-factor authentication, the person received an email with a code.Looking through the Reddit thread, a flood of these attempts hassurfaced all week long. However, just because you received an email that looks legit doesn’t mean it’s an actual email from Facebook.
Related:(Update: Resolved) This Facebook Glitch Automatically Sends Friend Requests to Strangers
The Facebook email reads: “We received a request to reset your Facebook password. Enter the following reset code,” followed by a blue box with an 8-digit code. It also says, “Alternatively, you can directly change your password and offers up a one-click box to make the change. Don’t click anything in the email.
Another userreported that the emailwas sent from security@facebookmail.com, an authentic address Facebook uses for security-related communications. Still, the flood of emails has users concerned, and hackers can spoof emails.
As usual, never click any buttons, links, or codes received in an email regarding passwords or login attempts, especially if you didn’t request the code yourself. Be cautious!
Over the last few years, Facebook hasslowly required two-factor authenticationfor many accounts, which could save users by sending an email code before allowing for a reset. And while 2FA is a second layer of security, it’snot without its flawseither.
Judging by the countless replies on Reddit and complaints on Facebook, there appears to be a widespread phishing attempt going on at the moment. If you decide to change your password, ignore the email and manually change it within the Facebook app. Furthermore, usinga password managerto secure your online accounts is always a good idea.
We’ve reached out to Facebook and will report back once we know more.
viaReddit
