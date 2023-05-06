



If you see a verified page on Facebook with a blue checkmark, don’t automatically assume that the page is legit.

Mashable can confirm that a number of fake Facebook business pages impersonated companies such as Google and Meta itself.

All pages viewed by Mashable appear to have had a verified Facebook page hacked, changing the page name and Facebook URL last week. Some of these pages have millions of followers. Each will display a blue verified badge that says “Facebook has verified this profile is authentic”.

This is not an actual verified meta ad page. This page once belonged to a Turkish school and has been hacked.Credit: Mashable screenshot

Most concerning, however, is that each hacked page is authorized to run ads on Facebook’s network, and all appear to do so. It’s unclear how far these fraudulent ads have reached and how many of her Facebook users may have been affected.

Fraudulent ads trick users into clicking on fake Google or Facebook URLs, which lead them to fake Google Sites pages impersonating the company. Upon visiting the page, the user is directed to download the supposed Facebook advertising tool or Google AI software, depending on the ad clicked. The file link displayed by Mashable directed the user to a .rar file hosted on a Trello page that most likely contained malware.

This page was once owned by Indian singer Miss Pooja. This is not her official Google page.Credit: Mashable screenshot

In all cases seen by Mashable, these hacked pages had additional page managers from numerous countries unrelated to the original page owner’s base. Social media managers can be everywhere, so it doesn’t automatically suggest anything, but each page hacked has, as Mashable previously reported, a hotbed of fraudulent activity on Facebook. A Vietnamese page manager was included in his three.

Several hacked pages had millions of followers

The largest hacked page appears to have been that of famous Indian singer Miss Pooja. The page has more than 7 million followers of her. On April 29, the page name was changed to “Google AI”. URL is also changed to “facebook.com/Google.BardAI2”.

The Facebook page details show the name change over time.Credit: Mashable screenshot

On May 3rd, the page started running ads on Facebook. It contained the following copy: “Notice This is the only verified and official Google Bard page. All other pages are fake.” Ads lured users to visit domains such as ‘aifuture.wiki’ and ‘bardai.bio’.

A fake Google page posted this as a Facebook ad.Credit: Mashable screenshot

When users clicked on one of these links, they were taken to one of the aforementioned fake Google Sites pages claiming to be the official Google website. For these particular ads, users were directed to a page titled “Google AI Marketing” where they were asked to “Download Google AI Marketing”. Clicking on that link automatically downloads the malicious “Google_AI_Marketing.rar” file. This file was hosted on Trello, a popular project management tool.

Ads on a fake Google page led users to this fake website.Credit: Mashable screenshot

Miss Pooja wasn’t the only Indian star to be targeted. Indian singer-songwriter Babbu Maan also had his verified Facebook page with 3 million followers hacked. Maan’s page was soon changed to “Meta Ads” and featured his Facebook ad in a similar copy of his fake Google page. However, these ads were being pushed to the “metaadstools.com” domain.

Babbu Maan’s original page URL remained on the fake meta ad page.Credit: Mashable screenshot

Düzce Üniversitesi, a Turkish university, also had a verified page hacked with over 28,000 followers. His Facebook page for the company was also soon disguised as an official “meta-ads” page, with his Meta-his logo as his profile picture. It has also started running ads, but the domain is “fbadstools.com”.

Both hacked pages impersonating Meta tried to trick users into downloading the “Meta Ads Manager” tool. This link downloads a malicious file titled “Facebook_Ads_Manager.rar” that was also hosted on Trello.

A screenshot of a fake website setup promoting the malicious “Facebook Ads Manager” tool.Credit: Mashable screenshot

Over the past few days, warnings about these fake pages have started circulating in various SaaS (software as a service) and social media groups on Facebook. Renowned social media consultant Matt Navarra recently highlighted this issue (opens in a new tab) as well.

In a statement provided to Mashable, a Meta spokesperson said, “We invest significant resources in fraud and hack detection and prevention.” Location – Scammers are constantly trying to circumvent our security measures. We regularly improve our methods to combat these scams and have built a team dedicated to improving the support we can provide to people and businesses. bottom. ”

Also note that Meta released a security report earlier this week regarding a worrying new type of malware seen across its platform and the web. Some of the threats described by Meta overlap with the types of scams advertised on these pages.

All hacked Facebook pages viewed by Mashable have been removed from the platform.

All of the hacked Facebook pages appear to have been verified by Facebook prior to Meta Verified, a new paid verification system, but a new feature that allows users to pay for blue checkmarks could cause further problems. There is a nature.

Even if Meta specifically verified each one, these latest hacks show how scammers can hijack existing verified pages to trick users. The ability to pay dollars has greatly increased the pool of potential targets that hackers seek to perpetuate their scams.

Update: May. May 5, 2023 at 4:30 PM EDT This article has been updated to include Meta’s statement.

