Beginning April 4, researchers at Bitdefender Antispam Lab spotted a new wave of phishing emails targeting Meta business account holders. The phony messages impersonating both Facebook and Instagram target North Americans and Europeans.
One spam sample analyzed by our researchers appears to target a vegan cosmetics business in the US. The email notifies the business owner that their “Facebook page is at risk of being removed from our platform” due to violations of Meta’s community standards.
“We take these violations very seriously, and we must take action to ensure the safety and well-being of our users,” the fake email warns. “If we do not receive any action from you, we may remove your page from Facebook.”
To avoid account closure and removal by Facebook, the recipient is advised to “file a counter-notification” by clicking on the embedded “Confirm” button.
Here’s what happens next:
2. After clicking on the ‘I am human’ box and Continue button, the user is directed to a copycat version of Meta’s Business Help Center page asks users to visit another malicious link
3. The above link directs the users to a fake webpage that also lists a phony Report number. The recipient is also asked to fill in personally identifiable information, including full name, business email address, personal email address, mobile number and Facebook Page Name.
4. Once the user agrees to the Terms, Data and Cookie Policy and clicks the Submit button, recipients are asked to enter their account password and MFA security codes that will give the attackers everything they need to take over the account.
5. After submitting all the information, a pop-up window advises the users to wait until their case is ‘reviewed,’ meaning the real account owner needs to wait until the attacker locks them out of their page.
Bitdefender Antispam Lab spotted a similar ruse targeting Instagram users with a similar fraudulent message.
One analyzed sample seemed to target the Instagram account of a reggae musician with over 80,000 followers.
Phishing attempts that begin with threats to delete or ban social media accounts are highly successful tactics criminals use to infiltrate accounts to distribute malware, spread misinformation and defraud others.
That’s why no account takeover attack should be taken lightly. Not only do these accounts hold potentially sensitive information, but they also help the attacker conduct fraudulent attacks against followers, customers, friends and family with devastating impact on the online reputation and finances of victims.
To prevent social media account takeovers, both regular users and business account holders should:
Need extra help managing your digital footprint and social media platform?
Bitdefender’s Digital Identity Protection (DIP) helps you manage your data on social media platforms including Facebook, Instagram and Twitter, by creating a comprehensive mapping of your digital footprint and allowing you to immediately respond to security issues.
You get real-time data breach monitoring, alerts and a handy tool to help you detect potential social media impersonators who may harm your reputation.
tags
Alina is a history buff passionate about cybersecurity and anything sci-fi, advocating Bitdefender technologies and solutions. She spends most of her time between her two feline friends and traveling.
View all postsDecember 19, 2024
November 14, 2024