publishing date icon
March 2, 2023
read time icon
5 min. read

Advanced phishing attack mimics Facebook policy violation notification

Post hero image

Table of contents

share this post

A targeted phishing attack mimicking a Meta notification is currently in circulation, aiming to gain access to company social media accounts.

The email starts by informing the victim that their "Business Manager" account has violated Facebook's policies by posting inappropriate content and has been scheduled for review. If the victim fails to respond within 24 hours, the account may be permanently suspended.

The email uses convincing language and creates a sense of urgency, prompting the victim to act and click on the malicious link in the email. Clicking on the link takes the victim to a webpage that closely resembles Meta's actual site, containing a form that claims to allow the victim to submit an appeal.

However, the form is designed to harvest the victim's account login credentials, as well as their personal information, which the attackers could potentially use to craft further spearphishing attacks.

The form also requires two-factor authentication, which allows malicious actors to harvest MFA tokens.

Although this phishing attack is highly sophisticated, examining the sender's address and the URL of the malicious webpage reveals that neither is related to Meta.

Off the hook – How to detect the attack and protect your organization from it

Always examine the sender's address to see if it makes sense in the context of the email. Make sure to hover over links before clicking on them, to verify where the link leads toIf in doubt, it's advisable to navigate manually to the webpage of the service provider instead of clicking on links in emails.

Subscribe to Threat Feed

Subscribe to Hoxhunt's Threat Feed to get the latest phishing threats delivered to your inbox, every Friday.

Form CTA

Hoxhunt needs the contact information you provide to us to contact you about our products and services. You may unsubscribe from these communications at anytime. For information on how to unsubscribe, as well as our privacy practices and commitment to protecting your privacy, check out our Privacy Policy.