Devious phishing campaign hijacks a genuine Meta business feature to send scam emails — as they really do come from Meta’s own address



  • Huntress uncovers phishing campaign abusing Meta’s business account email infrastructure and impersonating the Meta Agency Partner Program
  • Victims were tricked into handing over credentials, which attackers exfiltrated to Telegram for account takeover, scam ads, and targeted phishing
  • Meta has since added guardrails that killed the campaign; Huntress published IoCs to help organizations detect related activity

Hackers are abusing one, and impersonating another legitimate Meta service, to try and steal login credentials for people’s business accounts with the company.

Meta, the owner of Facebook, Instagram, WhatsApp, and more, allows businesses to set up separate accounts and talk to each other. The emails sent from one to another pass through the company’s infrastructure, meaning they are shown as coming from Meta itself.

https://cdn.mos.cms.futurecdn.net/iiobK7D8pysDnhkkAGDsgH-2560-80.jpg



Source link

Latest articles

spot_imgspot_img

Related articles

Leave a reply

Please enter your comment!
Please enter your name here

spot_imgspot_img