Verified Facebook accounts are being hacked to spread malware - here’s how you can stay safe

Hackers are stealing verified Facebook accounts

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Hackers have been detected breaking into popular verified Facebook pages and using them to run ads on the social media behemoth distributingmalware.

Social consultantMatt Navarrafirst spotted the malicious campaign, outlining the danger on Twitter.

Navarra noted whoever is behind the campaign first targeted popular Facebook pages (one of the victims has more than seven million followers and has been active for over a decade). Should they gain access, they would change the page’s name into a variant of Meta (Facebook’s parent company), orGoogle.

Cheeky scams

Cheeky scams

Then, they would purchase an ad on the social media network, in which they would target page managers and advertising professionals. “Because of security issues for upcoming users, you can no longer manage ad accounts in thebrowser,” the ad reads. “Switch to a more professional and secure tool,” the ad concludes, before sharing an obviously fraudulent download link.

There are multiple issues with this campaign, Navarra says, including how the accounts were breached, how Facebook allowed the threat actors to change the page’s name into something seemingly related to Meta and keep the blue checkmark, and how they managed to actually buy and run ads which are obviously redirecting the target audience to a shady website, at best.

This Facebook Messenger phishing scam may have trapped millions of users>Don’t fall for this devious phishing scam, Facebook users warned>Here are thebest identity theft protectiontools right now

Facebook has since disabled all of the affected accounts, and shut down the malicious campaigns, TechCrunch further reported. It also said that Facebook pages now show if the page changed its name in the past, and from what, which is a welcome addition to bolster transparency.

“We invest significant resources into detecting and preventing scams and hacks,” a Meta spokesperson told TechCrunch. “While many of the improvements we’ve made are difficult to see – because they minimize people from having issues in the first place – scammers are always trying to get around our security measures.”

Are you a pro? Subscribe to our newsletter

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Via:TechCrunch

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

A new form of macOS malware is being used by devious North Korean hackers

Scammers are using fake copyright infringement claims to hack businesses

This new malware utilizes a rare programming language to evade traditional detection methods