Kaspersky, a global cybersecurity and digital privacy company, has raised the alarm regarding a surge in sophisticated phishing attacks aimed at businesses promoting their pages on Facebook. The findings stem from expert analysis revealing the emergence of a new phishing scam, which exploits user trust in major platforms to lure unsuspecting victims.
According to Kaspersky, the attack campaign involves scammers sending seemingly legitimate emails purportedly from Meta for Business—Facebook's dedicated platform for businesses. These emails falsely claim that the recipient’s page has been flagged for containing prohibited content. Recipients are encouraged to submit an explanation in order to regain access, which ultimately serves the attackers' underlying goal: to hijack users’ business accounts.
Data from Kaspersky indicates that these fraudulent emails began circulating as early as 14 December 2024, with reports originating from various corners of the globe, including the Middle East, Turkiye, and Africa. Notably, Kaspersky's analysis reveals that the domains in the “From” field of the emails do not belong to Facebook, clearly indicating the attacks’ nefarious intent.
The phishing emails cleverly include links that redirect users to Facebook Messenger. Here, the impersonated account, masquerading as Facebook’s support team, appears credible—thus creating a false sense of security for panicked users faced with accusations of violating community standards. Although there are indications that this is a fan page, such nuances can easily be overlooked when individuals are under duress.
Andrey Kovtun, email threats protection group manager at Kaspersky, said this scheme stood out for its sophistication.
Unlike earlier scams that accused users of copyright violations and directed them to respond via email, Kovtun said this approach simulates internal communication on the Facebook platform itself.
“In 2025, we anticipate a rise in attacks leveraging social engineering and user trust in major platforms. Scams like this are becoming more sophisticated as attackers strive to mimic official services closely. Users must remain vigilant, verify the authenticity of messages, and avoid clicking on suspicious links,” Kovtun said.
“We strongly advise users not to engage with suspicious accounts and to activate additional security measures, such as two-factor authentication. If you receive such an email, report the incident to Facebook’s support team and update your passwords immediately if any information has been compromised.”
A few months ago Kaspersky reported another Facebook phishing scheme used to hijack business accounts.
To protect against such attacks, Kaspersky recommended:
- Always use two-factor authentication wherever possible.
- Pay close attention to notifications about suspicious login attempts.
- Make sure all your passwords are both strong and unique. To generate and store them, it’s best to use a password manager.
- Carefully check the addresses of pages asking for account credentials: if there’s even the slightest suspicion that a site is fake, do not enter your password.
- Equip all work devices with reliable protection that will warn of danger ahead of time and block the actions of both malware and browser extensions.
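The article's key technical observation is that the sender domain in the “From” field did not belong to Facebook, and its final recommendation is to check addresses carefully. The following is an added example, not code from Kaspersky or Business Report, of how a mail administrator could automate that check: parse the From header, extract the sender domain, and flag messages whose display name claims to be Meta or Facebook while the domain is not on an allowlist of legitimate sender domains. The allowlist (facebookmail.com, facebook.com, meta.com) is an assumption standing in for an organisation's own verified list, and the sample headers are constructed for illustration.

```python
"""Triage the From header of notification emails that claim to come from a platform.

Added example (not from the original article). Assumptions:
  - LEGITIMATE_SENDER_DOMAINS is a stand-in for a verified allowlist; review it
    against the platform's published sender domains before relying on it.
  - SAMPLE_MESSAGES are constructed headers, not real captured mail.
"""
from email import message_from_string, policy
from email.utils import parseaddr

# Assumed allowlist of domains the platform legitimately sends from.
LEGITIMATE_SENDER_DOMAINS = {"facebookmail.com", "facebook.com", "meta.com"}

# Words in a display name that signal the sender is claiming to be the platform.
PLATFORM_KEYWORDS = ("meta", "facebook")

# Constructed sample messages (headers only; bodies are irrelevant to this check).
SAMPLE_MESSAGES = {
    "lookalike_domain": (
        'From: "Meta for Business" <noreply@business-meta-support.example>\n'
        "Subject: Your page has been flagged for prohibited content\n\n"
        "Please explain within 24 hours.\n"
    ),
    "genuine_domain": (
        'From: "Facebook" <notification@facebookmail.com>\n'
        "Subject: New login to your account\n\nYou logged in from a new device.\n"
    ),
    "subdomain_trick": (
        'From: "Meta for Business" <alerts@facebook.com.verify-center.example>\n'
        "Subject: Action required\n\nRespond to avoid suspension.\n"
    ),
    "unrelated_sender": (
        "From: Ann Colleague <ann@example.org>\n"
        "Subject: Lunch?\n\nSame place as last week?\n"
    ),
}


def sender_parts(from_header: str) -> tuple[str, str]:
    """Return (display_name, domain) from a From header; domain is lower-cased."""
    name, addr = parseaddr(from_header or "")
    domain = addr.rpartition("@")[2].lower().rstrip(".")
    return name, domain


def is_authorized_domain(domain: str, allowed=LEGITIMATE_SENDER_DOMAINS) -> bool:
    """True only for an exact allowlisted domain or a proper subdomain of one.

    'facebook.com.verify-center.example' does NOT match, because the allowlisted
    label sequence must be the suffix, not a prefix, of the sender domain.
    """
    return any(domain == d or domain.endswith("." + d) for d in allowed)


def classify(raw_message: str) -> str:
    """Classify one message as 'legitimate', 'suspicious' or 'external'."""
    msg = message_from_string(raw_message, policy=policy.default)
    name, domain = sender_parts(str(msg["From"]))
    claims_platform = any(k in name.lower() for k in PLATFORM_KEYWORDS)
    if is_authorized_domain(domain):
        return "legitimate"
    if claims_platform:
        # Display name impersonates the platform but the domain is not authorised:
        # this is the mismatch the article describes.
        return "suspicious"
    return "external"


def triage_samples(messages=SAMPLE_MESSAGES) -> dict[str, str]:
    """Run classify() over every sample and return label -> verdict."""
    return {label: classify(raw) for label, raw in messages.items()}


if __name__ == "__main__":
    for label, verdict in triage_samples().items():
        print(f"{label:18s} -> {verdict}")
```

The subdomain test matters: a suffix match on the allowlisted domain catches `alerts.facebook.com` as legitimate while rejecting `facebook.com.verify-center.example`, where the trusted name is merely the leading part of an attacker-controlled domain. In a real gateway this header check would sit alongside SPF, DKIM and DMARC evaluation rather than replace them, since the From display name is attacker-chosen text.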
BUSINESS REPORT