Fraudulent Facebook messages allege copyright infringement and threaten to take down pages unless users enter logins, passwords and 2FA codes. The scam uses fraudulent pages generated on Facebook, giving their phishing emails an added air of legitimacy. The fake Facebook emails offer clues that they re not legit, but it s convincing enough to goad social-media administrators into wanting to gather more information on the supposed copyright violation complaints, which means clicking on the phishing link in the email. Once on the site, users were asked to enter their password, twice, access the Facebook app and enter in the 2FA code.
Source: https://threatpost.com/copyright-violation-facebook-2fa-bypass/160690/