Kaspersky Reveals New Social Media Scam Targeting Businesses

VPN
Business scam alert
0


Kaspersky has uncovered a sophisticated phishing scam targeting businesses via social media platforms, with a particular focus on Facebook. This scam uses fake Meta for Business emails to deceive users into providing sensitive information under the guise of resolving a supposed account violation.

The campaign, which began on December 14, 2024, has affected businesses worldwide, including those in France. Victims are lured into interacting with seemingly legitimate support agents through Facebook Messenger, creating an illusion of trust while exposing their information to cybercriminals.

How the Scam Works

  • Phishing Email:Victims receive emails purporting to be from Meta for Business, falsely claiming their page violates Facebook’s rules.
  • Redirect to Messenger:Clicking the link leads users to Facebook Messenger, where they interact with a fake support account that mimics genuine internal communication.
  • Data Theft:Victims are tricked into sharing sensitive information, such as login credentials, financial details, or access permissions, under the pretext of unlocking their accounts.

    • What Makes This Scam Unique?

    Unlike conventional phishing attacks, this scam:

    • Avoids direct accusations of violations, instead simulating internal communication for added credibility.
    • Uses multiple server domains, making it harder to trace its origin.

    Impact on Businesses

    Victims of this scam may face:

    • Loss of sensitive business information.
    • Unauthorized access to their social media accounts.
    • Financial losses from fraudulent transactions.
    • Potential damage to their brand reputation.

    Kaspersky’s Warnings

    Kaspersky researchers predict an increase in social engineering attacks throughout 2025, driven by sophisticated techniques like this one. The company emphasizes the need for vigilance and offers the following recommendations:

    • Verify Message Authenticity:Always check the sender’s domain and confirm communications directly with Facebook or Meta.
    • Avoid Suspicious Links:Do not click on links in unsolicited emails. Instead, navigate to the official platform for verification.
    • Enable Two-Factor Authentication (2FA):Add an extra layer of security to your accounts to prevent unauthorized access.
    • Report Phishing Attempts:Notify Facebook of any suspicious messages or activities.

    Broader Cybersecurity Concerns

    This scam comes amid heightened cybersecurity concerns globally. In other recent news:

    • Chinese Hackers Breach U.S. Telecoms: State-sponsored group Salt Typhoon has infiltrated networks at major U.S. telecom companies, exposing sensitive surveillance and communication data. (BleepingComputer)
    • Eagerbee Backdoor Malware: Government organizations and ISPs in the Middle East have been targeted by Chinese malware exploiting Windows vulnerabilities. (BleepingComputer)
    • India’s New Digital Data Regulations: Stricter cybersecurity rules and penalties for data breaches are being proposed to strengthen personal data protection. (The Hacker News)

    Protect Your Business

    Businesses must adopt proactive cybersecurity measures to mitigate the risks of scams and phishing attacks. Regular training for employees, robust security protocols, and ongoing monitoring are critical to staying ahead of these evolving threats.

    Sources:



    Source link

    [wp-stealth-ads rows="2" mobile-rows="2"]
    You might also like
    VPN

    VPNs (beginner's guide to the deep web)

    VPN

    How to Configure SSL VPN on FortiGate FortiOS 7 – FortiGate Remote Access

    VPN

    Top Cybersecurity Breaches of 2024: Lessons Learned

    VPN

    Best VPN for PC | 6 TOP VPN services to use in 2024