A is any scheme—whether fraudulent or misguided—that encourages or requires a user to provide their Facebook login credentials (email and password) to a third party in exchange for a reward (e.g., cash, prizes, followers, or account verification). This paper analyzes the mechanics, risks, and legal ramifications of such practices. The key finding is that any password giveaway inherently violates Facebook’s Terms of Service, compromises account security, enables identity theft, and exposes participants to irreversible digital harm.
No legitimate giveaway, friend, cousin, or celebrity will ever ask you to type your Facebook password into a post, comment, or unsecured DM. If they do, they are trying to steal your identity, scam your grandmother, or sell your data. Facebook Password Giveaway
: Attackers create "cloned" accounts using the name and profile picture of a friend or a verified business to gain trust before sending scam links via DM. Code Sharing Scams No legitimate giveaway, friend, cousin, or celebrity will