Cybercriminals exploit Meta's image in sophisticated scams
Cybercriminals have increasingly frequently committed fraud using Meta and Facebook's image. Fake messages can be received on Messenger, as well as via SMS or email.
17 July 2024 08:02
The process used by cybercriminals begins with a message that, at first glance, seems to come directly from Facebook. If it is received via Messenger, the sender often uses a profile picture with the characteristic "F" symbol or "Meta" logo. The account name suggests that it is from the Facebook Help Center. In the case of emails, the title usually indicates that Meta Business Suite sent the message. Sometimes, a scammer tags the user in a shared, collective post.
Scammers inform the user that their access to the platform may be blocked or restricted. The message content may also include threats to delete the profile, which adds pressure to act quickly. To prevent this, they recommend clicking the provided link.
Such an action redirects the user to a website that closely resembles Facebook. There, the user is asked to fill out an appeal form and then provide login credentials. Entering these details results in scammers taking over the account.
CyberRescue describes an example of the effects of this type of fraud. One employee of a certain company received a fake message and, wanting to unblock access to the portal, provided their login details.
According to the client, she suddenly lost access to the company's fan page, and "strange contests and cryptocurrency offers" started appearing on the page. Simultaneously, money was reported to have disappeared from the page owner's bank account. This resulted from a payment card being linked to the Facebook page. The money was spent on promoting fake contests.
How to protect against such an attack?
- We should always apply the principle of limited trust. Even if the message seems to come from the support of a given service, we should exercise caution — advises Wojciech Łupina from CyberRescue.
If we have fallen victim to scammers, we should try to regain access to the account as soon as possible through the form at facebook.com/hacked. Next, we should change the password and activate two-step verification. It is also worth considering setting limits on the payment cards linked to the platforms we use.
In today's world, where online frauds are growing daily, staying vigilant and applying appropriate security measures is crucial to protecting your data and finances.