113/68 Monday, March 24, 2025

A new phishing scheme is targeting Instagram business accounts by using fake chatbots and spoofed support emails to trick users into handing over their login credentials. According to the Cofense Phishing Defense Center, the attack begins with a fake notification email claiming that a user’s ad has been suspended due to violations of advertising policies. The email appears to come from a Salesforce address (noreply@salesforce[.]com), which is not an official Instagram domain.
When users click the link in the email, they are directed to a fake website designed to mimic Meta Business, which displays a warning stating the account will be suspended unless specific actions are taken. The phishing group uses fake chatbots and setup guides to manipulate users into disclosing personal information. Victims are also encouraged to set up two-factor authentication (2FA) using a fake Authenticator app called “SYSTEM CHECK”. Following these steps gives the attackers full access to the victim’s Meta business account.
To reduce the risk of falling victim to this scam, users should carefully verify the sender’s email address and link URLs before clicking, avoid interacting with suspicious emails, and only use trusted 2FA apps like Google Authenticator or Microsoft Authenticator to enhance account security.
Source: https://hackread.com/phishing-scam-fake-instagram-chatbots-hijack-accounts/