Fake Facebook Business Pages Are Bombarding Users with Phishing Messages - so What Can Be Done?
Companies Mentioned
Why It Matters
The campaign exposes a critical identity‑verification gap in Meta’s business platform, putting millions of small‑to‑mid‑size businesses at risk of credential theft and financial loss, and underscores the need for stronger anti‑phishing controls across social‑media management tools.
Summary
Cybercriminals are exploiting Facebook Business Suite by sending phishing emails from the legitimate facebookmail.com domain, tricking SMBs and marketers into revealing credentials. Check Point Research recorded more than 40,000 fraudulent messages sent to roughly 5,000 entities, with some victims receiving thousands of emails. The attacks leverage fake Business pages that mimic official branding and target topics like account verification and ad credits. Experts advise using password managers, enabling MFA, educating staff, and monitoring for suspicious activity to mitigate the threat.
Fake Facebook Business pages are bombarding users with phishing messages - so what can be done?
Comments
Want to join the conversation?
Loading comments...