Phishing alert: Sophisticated scam targets businesses through Facebook ads
Kaspersky experts have uncovered a new phishing scam targeting businesses advertising on Facebook. Cybercriminals are impersonating Meta for Business, the platform dedicated to enterprise users, and sending fraudulent emails claiming that the recipient’s page contains prohibited content. These emails prompt businesses to provide sensitive information under the guise of unlocking their accounts and pages. The attackers’ ultimate goal is to gain access to these professional accounts.
Kaspersky’s anonymized data reveals that emails mimicking these fraudulent communications started reaching Facebook users on December 14, 2024. These phishing attempts have targeted businesses worldwide, including in France. A closer inspection of the email's sender field shows that the domain used does not belong to Facebook. According to Kaspersky, these emails are distributed from multiple servers, further complicating detection.
The email includes a link that redirects potential victims to Facebook Messenger. There, attackers use a fake support account that appears legitimate to create a false sense of trust. While the account is labeled as a fan page, this detail can be easily overlooked, especially in high-stress scenarios where recipients fear losing access to their accounts due to alleged violations.
This scam stands out for its sophistication. Unlike older phishing methods that accused users of copyright infringement and solicited replies via email, this new tactic simulates internal communication on Facebook’s platform itself.
Andrey Kovtun, Email Threats Protection Group Manager at Kaspersky, highlights the escalating risk: “In 2025, we anticipate a rise in attacks leveraging social engineering and user trust in major platforms. These scams are becoming increasingly sophisticated, with attackers striving to closely replicate official services. We urge vigilance—verify the authenticity of messages, avoid clicking on suspicious links, and refrain from engaging with dubious accounts. Enabling additional security measures, such as two-factor authentication, is highly recommended. If you receive a similar email, report the incident to Facebook’s support team and immediately update your passwords if your information has been compromised.”
This discovery follows a previous report by Kaspersky of another phishing scheme on Facebook targeting business accounts.