Did you Receive an Email From security[at]facebookmail.com with a Recovery Code?
The Internet is sweeping with reports (see Reddit post here) of Facebook users receiving an account recovery code email from when they did not request one. The email, which is legitimate from Facebook <
Email Subject: XXXXXXXX is your Facebook account recovery code
Email From Address: Facebook <
We received a request to reset your Facebook password.
Enter the following password reset code:
Alternatively, you can directly change your password.
Didn't request this change?
If you didn't request a new password, let us know.
If you did not request an activation code to change your password, chances are someone else made this request using your email address or phone number that is registered with your Facebook account. This means, they went to Facebook.com and then to Forgot Password? as pictured below.
What does this mean?
Another party either guessed or knows your email address/phone number is registered to your Facebook profile. The party will not be able to gain access to your Facebook profile or be able to reset your password, so as long as they do not have access to your email account. It is important you check your email account settings and ensure you are the only authorized user to access your email account (certain email providers allow you to check last login and time). All else, you can choose to reset your email account password as a safety precaution.
Did this happen to you recently? Please comment below to share with the community.