ISLAMABAD: A global cybersecurity company has uncovered a new phishing scam targeting businesses and undertakings engaged in promoting their pages on Facebook.
According to a new report released on Thursday, Kaspersky experts found that the scammers send emails allegedly on behalf of Meta for Business – Facebook’s platform for businesses – claiming the recipient’s page contains prohibited content.
The email suggested users provide explanations in order for their account and page to be unblocked. The goal of the attackers is likely to get access to users’ business accounts.
Kaspersky’s anonymized data showed that such emails started reaching users on December 14, with complaints coming from organizations all over the world. By examining the “From” field in the email it can be seen that the domain does not belong to Facebook. According to Kaspersky data the emails that this campaign used were sent from different domains.
The link in the email redirects users to Facebook Messenger. On Messenger, the account posing as Facebook’s support team appears legitimate, creating a false sense of trust.
There is an indication that this is a fan page, but it is easy to miss in a situation of high stress after being accused of spreading illegitimate content.
This scheme stands out for its sophistication. Unlike earlier scams that accused users of copyright violations and directed them to respond via email, this approach simulates internal communication on the Facebook platform itself.
If you receive such an email, report the incident to Facebook’s support team and update your passwords immediately if any information has been compromised,” suggested Andrey Kovtun, Email Threats Protection Group Manager at Kaspersky.
Copyright Business Recorder, 2024
