Popular and verified Facebook pages are falling prey to cybercriminals who are using them to distribute malware from advertisements. Hackers break into the accounts and change the names to something linked to Meta or Google. Then, they acquire advertising space and focus their efforts on deceiving potential victims.
As soon as they take over the verified Facebook page, scammers make posts in which they offer security alternatives to administrators of other pages on the social network. Here’s an example:
Due to security concerns for future users, you can no longer manage ad accounts in your browser. Switch to a more professional and secure tool. For your work to be uninterrupted, download and use it now. The new Manager is packed with new features that can better target your audience and automatically optimize ads…
The message comes with a download link, which is just a virus ready to disrupt the life of the user who downloads it.
Facebook took a while to notice the scams
One of the first people to notice this kind of move by hackers was social media consultant Matt Navarra. The professional pointed out what was happening on his Twitter profile, but felt even more concerned with the fact that Meta’s social network had not noticed the scams.
First, there’s the question of how the verified accounts were hacked. There are pages, for example, with more than 7 million followers and a decade of life on the platform.
In addition, it is strange that Mark Zuckerberg’s company has allowed the name of the page to be changed to something related to itself and still maintain the verified seal, like the sample above. Ultimately, the scammers were able to buy Facebook ads from the hacked product, suggesting a lack of moderation in this matter.
It took a while, but I finally realized
After Matt Navarra’s posts on May 4th and many Twitter users bookmarked the Meta, the company started to move.
According to TechCrunch, all criminals who were exposed on social networks lost access to the pages, which were properly disabled. However, this does not mean that the invasions have stopped.
It’s also worth noting that Facebook tracks and displays the entire name change history of verified accounts.
A spokesperson for Meta spoke about the event:
We invest significant resources in detecting and preventing scams and hacks. While many of the improvements we’ve made are hard to see – because they minimize people’s problems in the first place – scammers are always trying to get around our security measures.
With information: TechRadar.