Facebook friend needs your help to secure their account

Have you had a friend say hello via Facebook Messenger and then after some pleasant exchange ask for your help in trying to reset their Facebook account or trying to secure it?  They simply need your help on getting a code from Facebook on YOUR phone to help them secure their account.  Well, if so, your friend has already fallen for this scam and has given the hackers a way to reset their password and take over their account and now those same hackers are trying to fool you.  Here is a capture of how that chat goes:

FBF Chat

Once the pleasant exchanges are done, the move to sending you a recovery code for “their” account will come to your email.  They request you just give them that number, so they can secure their own account.  Sometimes they will go into the reason for this, is they had a hacker in their account and so Facebook makes them require someone to verify them to secure their account.  Who wouldn’t want to help their friend escape a hacker?  Well, that’s exactly what the hacker is hoping for.  Here is what the email will look like that is a legitimate email from Facebook:

FBF Email is yours

If you notice at the bottom, “This message was sent to” your email address “at YOUR request.”  This is a legit email from Facebook to reset YOUR password, it has nothing to do to help a friend.  By giving up this code, you are giving the hacker the ability to change your password and then lock you out of your own Facebook account.  Once that happens, you’ll have very little recourse to reclaim your account.  While Facebook does have ways to reclaim your account, we’ve found, it is not a huge priority for Facebook to get you back your account.  Most lose their account forever, meanwhile, the hacker is trying this scam with all your friends. Many times they are also trying to ask your friends to help you out by buying some gift cards (which goes to the hacker) or one of the other hundreds of scams out there.  And again, the hacker is now “YOU” so your friends are much more likely to fall for their requests.

So be alert and don’t fall for this.  If you have a direct way to contact your friend, do it.  They may have time to send a password reset still and reclaim their account.  (If the hacker wasn’t good at re-securing the account by changing the accounts email.)