Hacked verified Facebook pages impersonating Meta are buying ads from Meta

Sketchy Facebook pages impersonating businesses are nothing new, but a flurry of recent scams is particularly brazen.

A handful of verified Facebook pages were hacked recently and spotted slinging likely malware through ads approved by and purchased through the platform. But the accounts should be easy to catch — in some cases, they were impersonating Facebook itself.

Social consultant Matt Navarra first spotted some of the ads, sharing them on Twitter. The compromised accounts include official-sounding pages like “Meta Ads” and “Meta Ads Manager.” Those accounts shared suspicious links to tens of thousands of followers, though their reach probably extended well beyond that through paid posts.

In another instance, a hacked verified account purporting to be “Google AI” pointed users toward fake links for Bard, Google’s AI chatbot. That account previously belonged to Indian singer and actress Miss Pooja before the account name was changed on April 29. That account, which operated for at least a decade, boasted more than 7 million followers.

Facebook now tracks and publicly displays a history of name changes for verified accounts — a welcome bit of transparency but a safeguard that apparently isn’t enough to flag some obvious scams.

What’s most egregious in these cases is that the hacked pages were not only impersonating major tech companies, including Meta itself, but that they were able to purchase Facebooks ads and go on to distribute suspicious download links. In spite of very recent account name changes, those ads were apparently approved without issue in Meta’s automated ads system.

All of the impersonator pages Navarra identified have since been disabled.

This week, Meta shared a report on a recent spate of AI-themed malware scams. In those instances, hackers lure Facebook, Instagram and WhatsApp users to download malware by posing as popular AI chatbot tools like ChatGPT. One of those clusters of malware known as DuckTail has been plaguing businesses on Facebook for a few years now.

As TechCrunch’s Carly Page explained this week:

Meta says that attackers distributing the DuckTail malware have increasingly turned to these AI-themed lures in an attempt to compromise businesses with access to Facebook ad accounts. DuckTail, which has targeted Facebook users since 2021, steals browser cookies and hijacks logged-in Facebook sessions to steal information from the victim’s Facebook account, including account information, location data and two-factor authentication codes. The malware also allows the threat actor to hijack any Facebook Business account that the victim has access to.

It’s possible that the Facebook pages that impersonated Facebook and went on to buy malware-laden ads were compromised through DuckTail or malware like it.

“We invest significant resources into detecting and preventing scams and hacks,” a Meta spokesperson told TechCrunch. “While many of the improvements we’ve made are difficult to see – because they minimize people from having issues in the first place – scammers are always trying to get around our security measures.”

Impersonator accounts and compromised business pages have long been a headache for business owners across Facebook and Instagram. Meta Verified, the company’s newly launched verification program, is positioned to improve the company’s notoriously thin level of customer support for businesses that rely on its apps. Controversially, Meta’s promising offer of “proactive account protection” isn’t a free improvement — Instagram and Facebook accounts will need to pay $14.99 a month to secure the higher level of customer support, a price many businesses will likely begrudgingly pay to avoid drowning in a sea of scam accounts.

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *


Gary Vaynerchuk: NFTs will go beyond being just collectibles

Welcome back to Chain Reaction, a podcast that unpacks and dives deep into the latest trends, drama and news with some of the biggest names in crypto breaking things down block by block for the crypto curious. For this week’s episode, Jacquelyn interviewed Gary Vaynerchuk, better known as Gary Vee. He is the chairman of […]

Read More

Tesla says all new Model 3s now qualify for full $7,500 tax credit

ADVERTISEMENT All new Tesla Model 3 vehicles will now qualify for the full $7,500 federal EV tax credit, according to a change in Tesla’s website. The EV tax credits were mandated by Congress last August as part of the Inflation Reduction Act, with the goal of ending U.S. reliance on China for batteries. The full $7,500 […]

Read More

T. Rowe Price has marked down its stake in Canva by 67.6%

Last summer, Blackbird, one of Australia’s largest venture operations, marked down the value of one of its most prized stakes, in the Sydney-based design platform Canva. Valued at $40 billion by investors in a $200 million round in the fall of 2021, Blackbird adjusted its own valuation of the company 36% to $25.6 billion. Now, […]

Read More
ankara escort çankaya escort çankaya escort escort bayan çankaya istanbul rus escort eryaman escort ankara escort kızılay escort istanbul escort ankara escort ankara escort escort ankara istanbul rus Escort atasehir Escort beylikduzu Escort Ankara Escort malatya Escort kuşadası Escort gaziantep Escort izmir Escort