A convincing email pretending to be from Facebook started circulating Thursday, trying to trick Australians into entering their personal information.
The message, as first detected by security firm Mailguard on Thursday morning, scares recipients into urgent action with the subject "Action Required".
The body then says the Facebook user's ability to post new material has been disabled until their identity is confirmed.
"The email then requests the recipient to aid in verifying their identity by providing scanned copies of valid IDs such as their Driver's Licence, Passport, and Medicare card," said a Mailguard spokesperson.
The email is designed to harvest sensitive personal information from Australian Facebook users, in order to steal their identity.
The Mailguard spokesperson said the criminals are preying on people's distress at not being able to post on social media.
"Cybercriminals behind the scam aim to spark panic and concern among recipients, motivating them to rectify the situation as soon as possible. Several techniques have also been employed to boost the legitimacy of the email, such as a convincing sender domain."
Mailguard recommended that anyone who receives this email report it to firstname.lastname@example.org.
Generally, Australians should immediately delete emails that:
Seem to be from a well-known organisation but not addressed to the recipient by name, and could display poor grammar or spelling.
Request clicking on a link to access a website. When in doubt, go to the real company website and navigate to that page.
Offer rewards or gifts in return for personal information.
Request personal information that the company should already know.
Make your money work with Yahoo Finance’s daily newsletter. Sign up here and stay on top of the latest money, news and tech news.