In a recent wave of scams, several verified Facebook pages were hacked and used to spread malware through ads on the platform. What makes these incidents particularly audacious is that some of the compromised accounts were posing as Facebook itself.
Matt Navarra, a social consultant, discovered these suspicious ads and shared them on Twitter. The hacked accounts had official-sounding names like “Meta Ads” and “Meta Ads Manager.” They targeted tens of thousands of followers, but likely reached an even wider audience through paid posts.
How did this ad get approved @Meta ?
Verified account impersonating Meta tricking users into downloading shady tools pic.twitter.com/maPW6RWL3F
— Matt Navarra (@MattNavarra) May 4, 2023
In another case, a hacked verified account that previously belonged to Indian singer and actress Miss Pooja, now claiming to be “Google AI,” directed users to fake links for Google’s AI chatbot called Bard.
This account had over 7 million followers and had been active for at least a decade.
And this is not an isolated case
Here's another verified Facebook Page impersonating Meta
Yet Meta has approved it to run this scam ad pic.twitter.com/oylBvS3XPD
— Matt Navarra (@MattNavarra) May 5, 2023
Despite Facebook’s efforts to improve transparency by publicly displaying the history of name changes for verified accounts, these obvious scams still slipped through the cracks.
What’s particularly concerning is that the hacked pages not only impersonated major tech companies, including Meta (formerly Facebook), but were also able to purchase ads on Facebook and distribute suspicious download links.
Even after recent name changes, these ads were approved without issue in Meta’s automated ads system.
All the identified impersonator pages have since been disabled.
Meta, the parent company of Facebook, recently published a report on a series of malware scams centered around AI. In these instances, hackers trick users of Facebook, Instagram, and WhatsApp into downloading malware by posing as popular AI chatbot tools such as ChatGPT.
One well-known cluster of malware called DuckTail has been plaguing businesses on Facebook for a few years.
It is possible that the Facebook pages impersonating Facebook and purchasing malware-laden ads were compromised through DuckTail or similar malware.
A spokesperson from Meta acknowledged the company’s ongoing efforts to detect and prevent scams and hacks, but scammers continually find ways to bypass its security measures.
Impersonator accounts and compromised business pages have long been a concern for business owners on Facebook and Instagram. To address this, Meta has introduced Meta Verified, a verification program that offers improved customer support for businesses relying on their apps.
However, the catch is that businesses will need to pay $14.99 per month for “proactive account protection,” a price that many businesses may reluctantly pay to avoid dealing with a flood of scam accounts.
News source: TechCrunch