New Phishing Scam Hooks META Businesses with Trademark Threats


The phishing scam falsely asserts that the victim’s Facebook page will be permanently deleted due to a post allegedly infringing on trademark rights. However, there is no actual infringement; it’s all part of the scammer’s malicious plan.

In a recent wave of cybersecurity threats, scammers have unleashed a sophisticated phishing scam targeting META business owners on Facebook. Perpetrators are sending deceptive messages claiming trademark rights infringements, posing a severe risk to unsuspecting page owners.

Messages sent by scammers to Hackread.com and several other pages have also been reaching out to us. Users have noticed a sudden increase in receiving similar messages (Screenshot: Hackread.com).

A concerning phishing scam has emerged, specifically targeting business owners associated with Meta Platforms, Inc. Scammers are exploiting fears of trademark rights infringements, attempting to force page owners into clicking on malicious links under the guise of resolving alleged policy violations.

In reality, the scam is aimed at stealing the email address and password of the Facebook account further leading to the takeover of the page, profile and financial information.

The fraudulent message, seemingly originating from a supposed temporary support agent, warns recipients of an impending permanent deletion of their Facebook page. The scam leverages the authority of Meta Platforms, Inc., formerly Facebook, to create an atmosphere of urgency and legitimacy.

The Deceptive Message:

“Important Notification: Your Facebook page will be permanently deleted due to a post that infringes our trademark rights. We have made this decision after careful consideration and in compliance with our intellectual property protection policies. If you believe this is a misunderstanding, please submit a complaint requesting the restoration of this page before it is removed from Facebook.

Request for Review: We understand that this may impact your current business objectives. If we do not receive a complaint from you, this will be our final decision.

Thank You, This is a message from a temporary support agent with support ID 231778895, please visit the link above and follow the instructions. © Noreply Facebook. Meta Platforms, Inc., Attention: Community Support, 1 Facebook Way, Menlo Park, CA 94025.”

Sophistication of Phishing Page

In normal circumstances, scammers and two-bit thieves create phishing pages which are full of coding errors, spelling and grammar mistakes. Additionally, their design lacks sophistication and often turns out to be broken pages.

However, the ongoing phishing scam is quite sophisticated only and only because of its flawless design. A look at the screenshot captured by Hackread.com shows scammers have become professional in coding and web design:

Trademark Infringement Phishing Scam Targets META Business Owners on Facebook
The UI of the phishing page looks as authentic as possible (Screenshot: Hackread.com).

Modus Operandi

The phishing scam involves collecting personal data, including full names, email addresses, phone numbers, and dates of birth. It deceives victims by prompting them to file an appeal, but before doing so, they are asked to sign in to their accounts. Once signed in, the scammers siphon off their email and password.

Trademark Infringement Phishing Scam Targets META Business Owners on Facebook
Your email and password are gone (Screenshot: Hackread.com)

In the next stage of the scam, victims are requested to provide additional Personally Identifiable Information (PII) for supposed verification, such as an ID card, passport, or driver’s license. However, uploading these documents leads nowhere; it is merely a gimmick to keep the victims busy. Meanwhile, behind the scenes, the scammers attempt to change the passwords of the victims’ email addresses and Facebook accounts.

Trademark Infringement Phishing Scam Targets META Business Owners on Facebook
We submitted McLOVIN’s ID but unfortunately, it did not go through (Screenshot: Hackread.com)

The scam relies on the victim’s anxiety about losing their Facebook page and business reputation. By including an official-looking Meta Platforms, Inc. copyright notice and a seemingly authentic support ID, scammers aim to lend credibility to their fraudulent message.

This isn’t the first instance of Meta business owners falling victim to a phishing scam. In October 2023, Vietnamese hackers were reported to have employed DarkGate malware targeting META accounts in India, the United Kingdom, and the United States.

Protecting Against the Scam:

To safeguard against falling victim to this phishing scam, business owners are urged to:

  • Verify Official Communications: Authentic notifications from Facebook or Meta Platforms, Inc. would typically appear directly in the platform, not via external links.
  • Cross-Check Support IDs: Legitimate support communications usually come from official channels within the platform, not from temporary support agents with ambiguous IDs.
  • Exercise Caution with Links: Avoid clicking on any suspicious links. Official communications and actions can typically be verified by accessing the platform directly.

As cybersecurity threats continue to evolve, caution is crucial. META business owners and Facebook page administrators are advised to stay informed about potential scams and report any suspicious activity to the platform’s official channels.

Stay tuned for updates on cybersecurity measures and protect your online presence against emerging threats. Follow us on Twitter (X) @Hackread – Facebook @ /Hackread.

Microsoft, PayPal, Facebook most targeted brands in phishing scams

Facebook Phishing Scam: Crooks Using Messenger Chatbots to Steal Data

Facebook Phishing Scam Steals Login Data Using ‘Account Violation’ Policy





Source link