Fake verified Facebook pages entice users to click on malicious links
Hacked verified accounts on Facebook are now posing as meta, buying ads on the social network and tricking users into clicking on suspicious download links.
A handful of verified Facebook pages were recently hacked and found to contain likely malware through ads accepted and purchased through the platform. But the accounts should be easy to catch — in some cases, they posed as Facebook itself.
Social media consultant Matt Navarra first spotted some of the ads and posted them on Twitter.
“How did this ad get accepted @Meta? Verified account posing as meta to trick users into downloading shady tools,” he tweeted with a screenshot of the fake Meta ad.
It wasn’t an isolated incident, and another verified Facebook account was hacked and pretends to be “Google AI,” pointing Facebook users to fake links to Bard, Google’s AI chatbot.
“That account previously belonged to Indian singer and actress Miss Pooja before the account name was changed on April 29, reports TechCrunch.
“The account, which was active for at least ten years, had more than 7 million followers,” the report states.
Dangerous accounts include official-sounding pages such as “Meta Ads” and “Meta Ads Manager”.
These accounts shared suspicious links to tens of thousands of followers.
A Meta spokesperson said they invest significant resources in detecting and preventing scams and hacks.
“While many of the improvements we’ve made are hard to spot – because they minimize people getting into trouble – fraudsters are always trying to get around our security measures,” the spokesperson said.
Last week, Meta found malware authors taking advantage of the public’s interest in ChatGPT and tricking users into downloading malicious apps and browser extensions.
The company likened this phenomenon to cryptocurrency scams, as both tactics take advantage of people’s curiosity and trust to gain access to sensitive information.
It found about 10 malware families masquerading as ChatGPT and similar tools to compromise accounts on the Internet.
“Over the past few months, we have investigated and taken action against malware strains that take advantage of people’s interest in OpenAI’s ChatGPT to trick them into installing malware that pretends to provide AI functionality,” Meta wrote in its security report.
Read all the Latest Tech News here.