Recently, police forces in the North West region has seen a sharp increase in reports from businesses that have been victims of attacks against their company Facebook profile(s). The Attackers are compromising Facebook accounts, changing details and then demanding the victims pay a ransom to regain access.
How are they getting into Facebook business accounts?
Attackers are using Phishing attacks against employees, finding leaked passwords on the internet, or cracking weak passwords.
Once logged in, they are changing the email address and password of the account so that the business is locked out and the Attacker has complete control.
MoneyWeek recently spoke about this topic; with a growing number of businesses having had advertising accounts hacked, and found themselves with a large bill run up by their attackers.
This scam sees the hackers access the business’s settings, enabling them to change spending limits and other controls. It can be difficult to put a stop to this fraud, even after the business has spotted the problem.
What is the impact of a cyber attack on your business via Facebook?
Attackers are setting up recurring advertisement payments using the bank details - those of the victim - associated with the account. This can be very costly to the business, using the payments as a lure for further extortion by demanding the victim pay a ransom to regain access to their Facebook account.
If the victim refuses to pay the ransom, it has been reported that the Attacker(s) will post extreme and/or indecent content on the business's account. This forces Facebook to close the account, however, this does not stop the advertisement charges so the business still suffers huge financial losses. Combining the financial losses and the disastrous reputational damage from the content the Attacker posts mean this is a very high-risk threat to businesses with unsecured accounts.
Eight ways to secure your Facebook account
Facebook itself will never send small businesses direct messages; instead, it will send an email. Businesses should not respond to a message sent by an account claiming to be Facebook – it is likely to be a scam!
If you suspect your account may be targeted, or think your password could be accessed, reset it and use 3 random words.
Review which payment methods are linked to your account. Do they need to be there? Are you no longer running adverts? If not, remove those card details.
Enable multi-factor authentication (MFA) on your account, either through SMS or using an authenticator application.
Facebook advises businesses to ensure the phone numbers and email addresses on the account are updated, this can allow you to recover your account more quickly.
Review who in your business needs access to the account. Ensure that only the most relevant employees have advertising access - fewer people with access mean the attackers have fewer people to target with social engineering or phishing Attacks.
If you think an admin account has been used to compromise your business, you can remove its access privileges on your settings page.