Phishing scams targeting Meta users (including Facebook and Instagram) are on the rise. These scams often involve emails claiming to address security issues, tricking recipients into revealing sensitive information or accessing malicious links. Here’s how they work and what to watch out for.

How the Meta Security Scam Works

Cybercriminals orchestrate these phishing scams by crafting emails that appear to come directly from Meta, using official logos, branding, and language that closely resembles genuine Meta communications.

These messages often create a sense of urgency, warning users of “suspicious activity”, “account suspension”, or an “unauthorized log-in attempts”. By instilling fear, scammers prompt users to click on links that lead to fake log-in pages designed to mimic Meta’s official sites. Once victims enter their credentials, the scammers gain access to the users’ accounts, enabling them to steal personal information or take over the accounts entirely.

In a recent case, a would-be victim received the following very convincing phishing email, which purported to be from the Meta security team:

In this situation, the user has apparently been restricted due to inappropriate behavior. Note the high-pressure deadline: this is classic social engineering. To return to normal, the user must visit the “Meta” webpage and perform a so-called System / Security Check, as seen below:

After creating the ticket, the victim is instructed to head over to their real Facebook account settings and acquire a two-factor authentication code. This code is what the scammers are really after — they can add this to the information they already have to comprehensively take over your account: don’t let them!

How to Spot a Phishing Email

• Sender’s Email Address: Always verify the sender’s email. Genuine Meta emails come from domains like @facebookmail.com or @instagram.com. The scam email above is: “noreply[at]salesforce[.]com”.
• Generic Salutations: Phrases like “Dear User” or “Account Holder” are red flags. Legitimate companies usually address users by name.
• Urgency or Fear Tactics: Claims that your account will be suspended immediately if you don’t act are a common trick.
• Suspicious Links: Hover over links to check the URL before clicking. Meta’s genuine URLs will always match their official domains. The scam URLs above are: “account[.]metasystemchat[.]com” and “krtra[.]com”.
• Grammatical Errors: Legitimate companies proofread communications. Typos or awkward phrasing are common in phishing emails.

What to Do If You Suspect a Phishing Attempt

• Do not click links: Avoid interacting with the email. Instead, log in to your account directly via the official website or app.
• Report it: Forward phishing emails to phish@facebook.com.
• Change your password: If you suspect your credentials were compromised, update your password immediately.
• Enable two- or multi-factor authentication (2FA): Adding an extra layer of security can help protect your account.

Protect Yourself with Trend Micro Check

With the increasing number and sophistication of scams, staying one step ahead is more crucial than ever. Unfortunately, antivirus software alone isn’t enough. Introducing the newly updated Trend Micro Check! Just look at how quickly and easily TMC identified the above scam for one would-be victim:

Available for both Android and iOS, Trend Micro Check offers comprehensive protection from deceptive phishing scams, scam and spam text messages, deepfakes, and more:

• Scam Check: Instantly analyze emails, texts, URLs, screenshots, and phone numbers with our AI-powered scam detection technology. Stay secure and scam-free.
• SMS Filter & Call Block: Say goodbye to unwanted spam and scam calls and messages. Minimize daily disruptions and reinforce your defenses against phishing.
• Deepfake Scan: Detect deepfakes in real-time during video calls, alerting you if anyone is using AI face-swapping technology to alter their appearance.
• Web Guard: Surf the web safely, protected from malicious websites and annoying ads.

To download Trend Micro Check or to learn more, click the button below. As ever, if you’ve found this article an interesting or helpful read, please SHARE it with friends and family to help keep the online community secure and protected. Also, please consider clicking the LIKE button or sharing your experience in a comment below. Here’s to a secure 2024!