Verified and Hacked Facebook Pages Posing as Meta are Buying Meta Ads

Sketchy Facebook Pages posing as businesses are nothing new, but a series of recent scams is particularly brazen.

A handful of verified Facebook Pages were recently hacked and detected delivering probable malware via approved ads purchased through the platform. But the accounts should be easy to catch: In some cases, they were posing as Facebook.

Social consultant Matt Navarra first saw some of the ads and shared them on Twitter. Compromised accounts include official looking pages like “Meta Ads” and “Meta Ads Manager”. Those accounts shared suspicious links with tens of thousands of followers, though their reach likely extended much further through paid posts.

In another case, a hacked verified account pretending to be “Google AI” directed users to fake links for Bard, Google’s AI chatbot. That account previously belonged to Indian singer and actress Miss Pooja before the account name was changed on April 29. That account, which operated for at least a decade, boasted more than 7 million followers.

Facebook now tracks and publicly displays a history of name changes for verified accounts, a welcome bit of transparency, but apparently not enough protection to flag some obvious scams.

The most egregious thing in these cases is that the hacked pages were not only posing as major technology companies, including Meta itself, but that they were able to buy Facebook ads and continue to distribute suspicious download links. Despite very recent account name changes, those ads appeared to be approved without issue in Meta’s automated ad system.

Since then, all impersonator pages identified by Navarra have been deactivated.

This week, Meta shared a report on a recent spate of AI-themed malware scams. In such cases, hackers lure Facebook, Instagram, and WhatsApp users into downloading malware by posing as popular AI chatbot tools like ChatGPT. One such malware group known as DuckTail has been plaguing businesses on Facebook for a few years.

As TechDigiPro’s Carly Page explained this week:

Meta says that attackers distributing the DuckTail malware have increasingly turned to these AI-themed lures in an attempt to compromise companies with access to Facebook ad accounts. DuckTail, which has been targeting Facebook users since 2021, steals browser cookies and hijacks started Facebook sessions to steal information from the victim’s Facebook account, including account information, location data, and two-factor authentication codes. The malware also allows the threat actor to hijack any business Facebook account the victim has access to.

Facebook Pages that impersonated Facebook and bought malware-laden ads may have been compromised via DuckTail or similar malware.

“We invest significant resources to detect and prevent scams and attacks,” a Meta spokesperson told TechDigiPro. “While many of the improvements we’ve made are hard to see because they minimize people getting into trouble in the first place, fraudsters are always trying to circumvent our security measures.”

Copycat accounts and compromised business pages have long been a headache for business owners on Facebook and Instagram. Meta Verified, the company’s recently launched verification program, is positioned to improve the company’s notoriously low level of customer support for businesses that trust its apps. Controversially, Meta’s promising “proactive account protection” offer isn’t a free upgrade: Instagram and Facebook accounts will need to pay $14.99 per month to secure the highest level of customer support, a price that many companies they will probably begrudgingly pay to avoid drowning in a sea of ​​fraudulent accounts.

Disclaimer: All the content or information on this article is given for only educational purposes.


Scroll to Top