![]() ![]() We've seen various cloud providers abused to host these password-protected RAR archives ranging from Google to Trello, as seen below. ![]() The lure is the Facebook Ads Manager program that is pushed via a download link. We've seen several different domains that are essentially phishing pages using the Meta logo and branding. ![]() In order to compromise those accounts, they first need to redirect potential victims onto external websites. Scammers are primarily targeting business users who may spend ad dollars on the platform. It is also worth noting that these accounts often have tens of thousands of followers and any of their posts can quickly become viral. In early June, we identified fraudulent accounts running the same scam using similar lures. They were trying to entice potential victims into downloading software to manage their advertising via a "more professional and secure tool". An article in TechCrunch from May describes how scammers were buying ads from Meta via verified accounts. More than $180K in compromised ad budgetĪds Manager is the product that enables users to run online ads on Facebook, Instagram and other platforms owned by Meta.Over 800 victims worldwide, 310 in the US.Malicious Google Chrome extensions are used to steal and extract login information.Victims are lured via fake Ads Manager software promoted on Facebook.Vietnamese threat actors are actively targeting Facebook business accounts.We have passed the information about this campaign and the threat actors to Meta and thank it for taking prompt action following our reporting. While tracking this campaign, we noticed the threat actors made a mistake when they packaged one of the malware files with their own stolen data. Now, we've discovered a new attack that uses malicious Chrome extensions to steal Facebook account credentials and is not related to the DuckTail malware. Meta has tracked and analyzed several threat actors such as DuckTail that have been active for a number of years with a particular interest for Facebook advertising accounts. Crooks are promising better advertising via optimization, and increased performance when you use their (malware-laden) software. In the past few weeks, there's been a resurgence in sponsored posts and accounts that impersonate Meta/Facebook's own Ads Manager. Like all social media platforms, Facebook constantly has to deal with fake accounts, scams and malware. We have written about scams targeting consumers that redirect to fake Microsoft alert pages, but there are also threats targeting businesses that use Facebook to promote their products and services. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |