I’ve seen a lot of posts with people warning individuals about certain usernames that redirect to phishing sites.
While the sentiment is probably pure, this is not the most effective strategy.
These accounts were real accounts, not fake ones makes by the phisher. These are the accounts of people who fell for the phishing scam.
We’ve seen that when people know how to fix their account it is actually very very easy to recover their page. So your warning may be warning about someone whose account will be fine shortly. Furthermore, the number of hijacked accounts is massive and constantly fluctuating. Creating a list of all hijacked accounts is not an efficient use of time.
Instead here is my suggestion for how to help. This method is something anyone can do even if you are not tech savy.
Whenever you are followed by a phishing account: Reach out to the original owner of the account.
Many people use the same username in multiple places. See if you can find them on another social media platform.
Also using the google cache you can try to access their ask box in the cache and send a message. The cache will show the account as it appeared before the takeover. Also their cached version of their page may give clues for how to contact them.
For every person you help get their page restored you also help cut back on the chances of others falling for the phishing scam.