Scammers target Facebook business accounts using Meta’s infrastructure and branding




Kaspersky has discovered a new phishing scheme targeting Facebook business accounts, using legitimate Facebook infrastructure to send deceptive emails with threats of account suspension. Cybercriminals have devised a method to use authentic Facebook functions to send fake suspension warnings to business accounts. These emails, originating from Facebook, contain alarming messages such as “24 Hours Left to Request Review. See Why”.

Clicking the email link leads to a genuine Facebook page displaying a similar warning. After that, a user is redirected to a phishing site disguised with Meta branding, reducing the time to resolve the issue from 24 to 12 hours. Finally, the phishing site initially asks for innocuous information, followed by a request for the account’s email, or phone number and password.

(Email with a fake warning about account problems, sent from Facebook).

The attackers utilise compromised Facebook accounts to send these notifications. They change the account name to a threatening message and the profile picture to an exclamation mark, after which they create posts mentioning the targeted business accounts. And because delivery is via the actual Facebook infrastructure, these notifications are guaranteed to reach their intended recipients.

“Even notifications that appear legitimate and come from a trusted source such as Facebook can be deceptive. It’s crucial to carefully examine the links you are prompted to follow, especially when it involves entering data or making payments. This can make a significant difference in protecting your business accounts from phishing attacks,” comments Andrey Kovtun, a security expert at Kaspersky. 

For protecting the social media accounts of your business Kaspersky experts recommend:

  • Avoid opening links you receive in suspicious email messages. If you need to sign in to your account with the organisation, type in the address manually or use a bookmark.
  • To protect the company against a wide range of threats, use solutions from Kaspersky Next product line that provide real-time protection, threat visibility, investigation and response capabilities of EDR and XDR for organisations of any size and industry. Depending on your current needs and available resources, you can choose the most relevant product tier and easily migrate to another one if your cybersecurity requirements are changing.
  • Invest in additional cybersecurity courses for your staff to keep them up to date with the latest knowledge. With practically oriented Kaspersky Expert training, InfoSec professionals can advance their hard skills and be able to defend their companies against sophisticated attacks. You can choose the most appropriate format and follow either self-guided, online courses or trainer-led live courses. For other employees there are also educational courses, such as Kaspersky Automated Security Awareness Platform.

Advert:




Be the first to comment

Leave a Reply

Your email address will not be published.


*


This site uses Akismet to reduce spam. Learn how your comment data is processed.