Sketchy Facebook pages impersonating companies are nothing new, but a flurry of recent scams is especially brazen.
A handful of verified Facebook pages were hacked recently and spotted slinging likely malware through ads approved by and purchased through the platform. But the accounts should be easy to catch — in some cases, they were impersonating Facebook itself.
Social consultant Matt Navarra first spotted some of the ads, sharing them on Twitter. The compromised accounts include official-sounding pages like “Meta Ads” and “Meta Ads Manager.” Those accounts shared suspicious links to tens of thousands of followers, though their reach probably extended well beyond that through paid posts.
In another instance, a hacked verified account purporting to be “Google AI” pointed users toward fake links for Bard, Google’s AI chatbot. That account previously belonged to Indian singer and actress Miss Pooja before the account name was changed on April 29. The account, which operated for at least a decade, boasted more than 7 million followers.
Facebook now tracks and publicly displays a history of name changes for verified accounts — a welcome bit of transparency but a safeguard that apparently isn’t enough to flag some obvious scams.
What’s most egregious in these cases is that the hacked pages weren’t only impersonating major tech companies, including Meta itself, but that they were able to buy Facebook ads and go on to distribute suspicious download links. In spite of very recent account name changes, these ads were apparently approved without issue in Meta’s automated ad system.
All of the impersonator pages Navarra identified have since been disabled.
This week, Meta shared a report on a recent spate of AI-themed malware scams. In these cases, hackers lure Facebook, Instagram and WhatsApp users into downloading malware by posing as popular AI chatbot tools like ChatGPT. One of those clusters of malware, known as DuckTail, has been plaguing businesses on Facebook for a few years now.
As TechCrunch’s Carly Page explained this week:
Meta says that attackers distributing the DuckTail malware have increasingly turned to these AI-themed lures in an attempt to compromise businesses with access to Facebook ad accounts. DuckTail, which has targeted Facebook users since 2021, steals browser cookies and hijacks logged-in Facebook sessions to steal information from the victim’s Facebook account, including account information, location data and two-factor authentication codes. The malware also allows the threat actor to hijack any Facebook Business account that the victim has access to.
It’s possible that the Facebook pages that impersonated Facebook and went on to buy malware-laden ads were compromised through DuckTail or malware like it.
“We invest significant resources into detecting and preventing scams and hacks,” a Meta spokesperson told TechCrunch. “While many of the improvements we’ve made are difficult to see – because they minimize people from having issues in the first place – scammers are always trying to get around our security measures.”
Impersonator accounts and compromised business pages have long been a headache for business owners across Facebook and Instagram. Meta Verified, the company’s newly launched verification program, is positioned to improve the company’s notoriously thin level of customer support for businesses that rely on its apps. Controversially, Meta’s promising offer of “proactive account protection” isn’t a free improvement — Instagram and Facebook accounts will need to pay $14.99 a month to secure the higher level of customer support, a cost many businesses will likely begrudgingly pay to avoid drowning in a sea of scam accounts.