The Meta Business Support Scam has emerged as a prominent phishing scheme online. Primarily, it influences the administrators and owners of Facebook/Meta business or community pages. These misleading messages claim that the respective pages have been disabled due to violations reported by I.N.C. International Concepts. This scaremongering method seeks to trick people into clicking on the embedded links under the guise of resolving the supposed violation issues.
Table of Contents
Involving I.N.C. International Concepts’ Brand Name
Interestingly, in this scam, the scammers have associated the scam with I.N.C. International Concepts, which is, in reality, a legitimate women's clothing brand retailed solely through Macy's. The offending messages falsely link the brand with the reported violations leading to page destabilizations. Needless to say, this fashion label isn't associated with Meta Business Support or the related scam. This misuse is purely an attempt by the perpetrators to lend credence to their false claims.
False Claims About Page Disability
As part of the scheme, the scam artists assert that 'Your Page Has Been Disabled.' However, this claim is entirely fraudulent. Every component of this message, from the logo (an inverted version of the Meta logo) to the sender's account details, is falsified. This attempt to mislead recipients extends to the message source—the senders usually use counterfeit accounts to send out these deceptive alerts.
The Intention Behind Creating Urgency
The scam strategy fundamentally thrives on creating a sense of urgency in the victims. By indicating that the recipient's page has been disabled, they induce panic and an immediate need to correct the situation. Consequently, the user is likelier to click on the provided link to address the supposedly imminent issue without verifying the claim's legitimacy. Therefore, this urgent call to action facilitates the success of the cybercriminals' attempts to deceive the user.
How the Scam Works
The 'Meta Business Support' phishing scam's process involves fraudulent messaging, fake accounts, misuse of the Meta logo, and a carefully crafted illusion of urgency. The scam's primary objective is data phishing to steal personal details and login credentials from unsuspecting victims.
Fabricated Messages and Fake Accounts
The perpetrators of this scam use fake accounts and unsolicited messages to execute the fraudulent process. The recipient receives a message from 'Meta Business Support,' alleging their Facebook/Meta page has several reported violations. Examples of such ‘violations’ often include false claims of using someone else's name or photos or sharing deceptive content. These messages are intentionally crafted to create panic, encouraging quick action from the page owner or admin.
Misusing of Meta logo
The messages sent out under this scam even include a fraudulent Meta logo, an inverted version of the actual logo. By mimicking the visual elements of authentic Meta communication, the scammers try to deceive the recipients further and trick them into believing the message is legitimate.
Redirecting Toward a Phishing Page
The purported claim to 'resolve' the violation is a deceptive means to direct the recipient to a phishing page. This is done via a link in the scam message, which allegedly allows the user to 'Confirm your account' within 24 hours. Clicking on the link takes the user to a fake Facebook page designed with the ulterior motive of gathering personal information.
Aiming to Extract PII
One of the threatened 'consequences' of not confirming the account is that the victim's page may allegedly be permanently disabled. However, this tactic's primary purpose is to scare the user into entering their personal details and login credentials on the phishing page. Unfortunately, providing these details directly compromises the user's account security, revealing valuable data to cybercriminals and potentially enabling the spread of malware.
Scam Variations and Related URLs
Although the underlying modus operandi of the 'Meta Business Support' scam remains the same, it presents different variations. The primary aim of these scams, irrespective of the variation, is to trick unsuspecting targets into compromising their personal data. Further, these scams are associated with specific URLs intended to redirect potential victims to the phishing page. Several scam URLs have been associated with the 'Meta Business Support' phishing scam. Some commonly linked URLs include mfb[.]mobi, mfb[.]social, and facebook[.]5246272198633275-pages[.]help/[.]com. If a Facebook user encounters a message containing any of these links, it is crucial to note that these are undoubtedly associated with the scam and must be avoided. The act of clicking on these suspicious links can lead to compromising user security, including personal data and login credentials.
Different Variations, Same Goals
Most variations of the counterfeit 'Meta Business Support' messages maintain the prominent elements of the scam. Primarily these include a sense of urgency, cleverly manipulated links, and misleading information around reported violations resulting in the potential disablement of the recipient's page. Regardless of the presentation, each variant employs a strategy to incite panic to facilitate easy manipulation.
Safeguarding from such Scams
Facebook scams like the Meta Business Support Scam are sadly common online. This is far from the first instance of Facebook users being targeted via scamming techniques. These scams manifest in various forms, including phishing and advance fee fraud. Hence, it is crucial to keep updated on common types of scams and sites that could be potential threats. Familiarity with these scam models is fundamental in identifying red flags. Awareness and adoption of protective measures are essential for curbing the likelihood of falling victim to these scams. The cyber threat landscape continuously evolves, with scams becoming more sophisticated and harder to detect using common sense alone. As such, proactive measures to enhance security are required.
Regrettably, the realistic presentation and time pressure of scams often make many fall victim. Just clicking on an innocent-looking link can lead to significant compromise in personal information, which is alarming. To counteract this, it is essential to maintain skepticism towards unsolicited messages, unexpected deals, suspicious links, and providing personal information to unknown contacts.
