Kaspersky has discovered a new phishing scheme targeting Facebook business accounts, using legitimate Facebook infrastructure to send deceptive emails with threats of account suspension. Cybercriminals have devised a method to use authentic Facebook functions to send fake suspension warnings to business accounts. These emails, originating from Facebook, contain alarming messages such as “24 Hours Left to Request Review. See Why”.
Email with a fake warning about account problems, sent from Facebook
Clicking the email link leads to a genuine Facebook page displaying a similar warning. After that, a user is redirected to a phishing site disguised with Meta branding, reducing the time to resolve the issue from 24 to 12 hours. Finally, the phishing site initially asks for innocuous information, followed by a request for the account’s email, or phone number and password.
The attackers utilize compromised Facebook accounts to send these notifications. They change the account name to a threatening message and the profile picture to an exclamation mark, after which they create posts mentioning the targeted business accounts. And because delivery is via the actual Facebook infrastructure, these notifications are guaranteed to reach their intended recipients.
“Even notifications that appear legitimate and come from a trusted source such as Facebook can be deceptive. It’s crucial to carefully examine the links you are prompted to follow, especially when it involves entering data or making payments. This can make a significant difference in protecting your business accounts from phishing attacks,” comments Andrey Kovtun, a security expert at Kaspersky.
For protecting the social media accounts of your business Kaspersky experts recommend:
· Avoid opening links you receive in suspicious email messages. If you need to sign in to your account with the organization, type in the address manually or use a bookmark.
· To protect the company against a wide range of threats, use solutions from Kaspersky Next product line that provide real-time protection, threat visibility, investigation and response capabilities of EDR and XDR for organizations of any size and industry. Depending on your current needs and available resources, you can choose the most relevant product tier and easily migrate to another one if your cybersecurity requirements are changing.
· Invest in additional cybersecurity courses for your staff to keep them up to date with the latest knowledge. With practically oriented Kaspersky Expert training, InfoSec professionals can advance their hard skills and be able to defend their companies against sophisticated attacks. You can choose the most appropriate format and follow either self-guided, online courses or trainer-led live courses. For other employees there are also educational courses, such as Kaspersky Automated Security Awareness Platform.
