Beware! Cybercriminals Are Now Using Facebook Mechanism To Send Fake Notifications Threatening To Block Facebook Business Accounts
Online scams and theft are nothing new: almost every day we hear of a person or organization falling victim to cybercrime. New preventive measures exist so that nobody falls into such traps, but as people become more careful about fraud, cybercriminals find different ways to carry on with their illegal practices.
According to Kaspersky, cybercriminals are using genuine Facebook infrastructure to send phishing emails that threaten to block accounts.
How This Phishing Attack Is Carried Out
The social network itself sends a message to the email address linked to the victim’s Facebook business account. Whether you hastily open the given link or manually open Facebook in a browser and check your notifications, you will find a notification there with similarly threatening wording, saying that you have 24 hours left.
The notification contains more details, alleging that the account and page are to be blocked because someone complained about their non-compliance with the terms of service. If you follow the given link to resolve the dispute, a website opens bearing the Meta logo with roughly the same message, but the time granted to resolve the issue has been halved to 12 hours.
After clicking the start button, the visitor is taken through a series of redirects to a page with a form that initially asks for data such as page name, first and last name, phone number and date of birth. The next page asks for the email address or phone number linked to the Facebook account and for its password, which might be the information the attacker is looking for.
It was suspected that a similar scheme might be used on other Meta platforms, as a similar threat led the user to the Instagram location.
The attackers get Facebook to send phishing notifications on their behalf by using hijacked Facebook accounts. The account name is changed to the most troubling title, “24 Hours Left To Request Review: See Why”, and the profile picture is changed to show an orange icon. The message about the account block is then posted from that account.
At the bottom of the post, a mention of the victim’s page appears. Threat actors post such messages from hijacked accounts in bulk, all at once, and each post mentions one of the target Facebook business accounts. As a result, Facebook sends notifications to all accounts mentioned in these posts.
How to Protect Business Social Media Accounts?
- Use two-factor authentication wherever possible
- Pay close attention to notifications about suspicious login attempts
- Make sure all passwords are strong and unique, and use a password manager to generate and store them
- Carefully check the addresses of pages asking for account credentials
- Equip all work devices with reliable protection that will warn of danger ahead of time and block the actions of both malware and browser extensions.
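
Because the notification really is sent by Facebook, the sender tells you nothing; the address of the page that asks for the password is the thing to check. The following is an added example, not code from Kaspersky or from the original article, of how that address check can be done strictly. The allowlist and the sample URLs are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumed allowlist: domains where Meta account credentials are legitimately entered.
TRUSTED_DOMAINS = {"facebook.com", "meta.com", "instagram.com"}


def credential_page_verdict(url: str) -> tuple[bool, str]:
    """Return (trusted, reason) for a page that asks for Facebook credentials."""
    parts = urlsplit(url.strip())
    if parts.scheme != "https":
        return False, "not https"
    # hostname is the part after any '@' and before any ':port', lowercased.
    host = (parts.hostname or "").rstrip(".")
    if not host:
        return False, "no host"
    if parts.username is not None:
        # https://facebook.com@other.example/ shows a trusted name but goes elsewhere.
        return False, "userinfo before '@' hides the real host: " + host
    if not host.isascii() or any(l.startswith("xn--") for l in host.split(".")):
        return False, "non-ASCII or punycode host (possible lookalike): " + host
    for domain in TRUSTED_DOMAINS:
        # Match the domain itself or a true subdomain; the leading dot rejects
        # both 'notfacebook.com' and 'facebook.com.other.example'.
        if host == domain or host.endswith("." + domain):
            return True, "host belongs to " + domain
    return False, "host is outside the allowlist: " + host


if __name__ == "__main__":
    # Constructed sample links, not indicators from the campaign described above.
    samples = [
        "https://business.facebook.com/login",
        "https://facebook.com.account-review.example/start",
        "https://facebook.com@account-review.example/start",
        "https://notfacebook.com/login",
        "http://www.facebook.com/login",
    ]
    for link in samples:
        print(credential_page_verdict(link), link)
```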