Cofense, a phishing detection and response solutions firm, released a report providing information on a sophisticated phishing campaign targeting business accounts in Meta platforms, reports SiliconAngle.
Click for more special coverage
The highly targeted and widespread phishing campaign can bypass multifactor authentication protections and create emails in different languages, targeting users in 19 countries.
The attackers send emails claiming to be official communications from Meta to exploit business accounts, warning users that they have violated copyright issues or policy guidelines. The emails can bypass secure email gateways, allowing them to reach the inboxes of Meta business account users.
“Given the complexity of the phishing email side of things, there’s no doubt that a successful compromise of a Meta ad account will lead to a more advanced attack like an ad fraud campaign,” Cofense researchers wrote.
“This type of attack can lead to huge financial loss for a business and potentially followers of the business page itself," the report warns.