eCommerceNews New Zealand - Technology news for digital commerce decision-makers
New Zealand
Guides
#
commerce systems
#
customer data platforms
#
data analytics
#
marketing technologies
#
payment technologies
Search
Story image
#
Cybersecurity
#
Facebook
#
Kaspersky

Kaspersky alerts businesses to complex Facebook scam

Yesterday
Author image
By Shannon Williams, Journalist

Kaspersky has revealed a new phishing scam targeting businesses using Facebook for promotional activities.

The scam involves emails sent to businesses, purporting to be from Meta for Business, that claim recipients' pages contain prohibited content and require explanations to avoid account suspension. The scammers' objective appears to be gaining access to users' business accounts.

The phishing emails began reaching users on 14 December, as seen in Kaspersky's anonymized data, with reports coming from organisations globally, including the Asia Pacific region. Examination of these emails reveals that the "From" field does not feature an official Facebook domain. Furthermore, these scam emails originate from various domains.

The email directs recipients to Facebook Messenger, where a fake support team account seemingly validates the authenticity of the communication, creating a false sense of security. A small indication shows it might be a fan page, but can be overlooked during stressful situations when users are accused of sharing forbidden content.

This scam is distinguished by its complexity, as it replicates internal communication on the Facebook platform, differing from earlier scams which accused users of copyright breaches and prompted responses via email.

Andrey Kovtun, Email Threats Protection Group Manager at Kaspersky, commented: "In 2025, we anticipate a rise in attacks leveraging social engineering and user trust in major platforms. Scams like this are becoming more sophisticated as attackers strive to mimic official services closely.

"Users must remain vigilant, verify the authenticity of messages, and avoid clicking on suspicious links. We strongly advise users not to engage with suspicious accounts and to activate additional security measures, such as two-factor authentication.

"If you receive such an email, report the incident to Facebook's support team and update your passwords immediately if any information has been compromised."

Previously, Kaspersky reported another phishing attempt to seize control of business accounts on Facebook.

Kaspersky advises users to employ two-factor authentication whenever possible, closely monitor notifications about suspicious login attempts, and ensure that all passwords are both strong and unique. Utilising a password manager to generate and store passwords is recommended. Users should verify the legitimacy of web addresses requesting account credentials to avoid entering passwords on counterfeit sites. Additionally, equipping all devices used for work with comprehensive protection can prevent the execution of malware and harmful browser extensions.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
New year, new protections: Top tips to safeguard your business from cyber-attacks in 2025
Cyber threats rise during festive season, experts warn
The imperative of cybersecurity in manufacturing
Thoughtworks partners with AWS to advance GenAI in Asia
SAP Concur forecasts 2025 trends in travel management tech
Top stories
Metaview report reveals AI surge in 2024 job interviews
Domain market set to grow from USD $2.35bn to USD $3.47bn
Sciative Solutions reports a 125% revenue growth in 2024
AI integration & data trends set to shape 2025 industry
Medallia reveals experience management trends for 2025