If you receive an email from the ‘firstname.lastname@example.org’ email address with an account recovery code because they’ve received a request to change your password, it is NOT REAL!
DO NOT click on the button!
The address looks legit so I reckon it will be the source of a bunch of people losing access to their Facebook accounts soon.
I don’t want you to be one of them!
To be on the safe side, you can always check if a Facebook account security email is real, by following these steps…
Click on the triangle top right of your Facebook personal account (on desktop/laptop)
Select ‘settings and privacy’
On the left menu, go to ‘security and login’
Scroll alllll the way down the page to find ‘’Advanced’
And click ‘see recent emails from Facebook’.
If the security-based email you have received is listed there, it’s legit.
While you are on this page, check you have ‘2 factor authorisation’ set up.
This means any logins from new sources will have to be approved by you on one of your logged in devices.
You might also want to set it up to notify you of all unrecognised logins.
This can throw out a few notifications if you have lots of devices or are often logging in outside your home, but it may also save your account when that one time it is not you logging in and you are able to thwart an attempted hack!