MailGuard 14 March 2024 10:23:16 AEDT 5 MIN READ

Meta Recruiting Scam Aims to Steal Company Admin Social Media Credentials

In a cleverly constructed scam that even ‘yours truly’ fell for, scammers are reaching out to the social media departments at companies to offer them jobs with Meta. Yes, I forwarded this scam to a former employee, who kindly informed me in reply that the offer was indeed a scam. That was embarrassing! But like all of us, I need to continue to exercise caution along with a healthy dose of cynicism when reading through my emails.

Meta, or Meta Platforms Ltd., the owner of Facebook, Instagram, WhatsApp and Threads, among other products and services, is a much sought after employer of choice for anyone looking to establish themselves with a career in social media pr related professions.

When interested parties click through on the link in the email, they’re directed to (Facebook) Messenger where they innocently disclose their Facebook account credentials to the scammers who can then take control of social media properties attached to their profile, impersonate the individuals that are caught out, or simply sell the credentials to the highest bidder on the dark web.

The MailGuard team suspects that on this occasion, the well-crafted cover email that kicks off the campaign was generated using Chat GPT given its contrast to clumsy grammatical errors further into the scam on the phishing pages.

The email itself, which is shown below, is entitled ‘Join Our Team as a Social Media Manager!’, and comes from ‘The Recruiting Team at Meta’, with a sender email address of ‘do-not-reply-meta-careers(at)dataforce(dot)recruitee(dot)com.

 

email-masked-meta-0324

 

After piquing the interest of the target, the ‘Apply to Job’ link takes the victim to a Facebook login page, and after signing in a Job Ad from Meta Careers is displayed.

With the first sign of a nibble, the scammers quickly jump into a Messenger chat with interested individuals in an attempt to entice them further along the path. Below is a selection of some of those interactions.

messenger scam progress-060324

Users should be hyper vigilant when approached online, especially when it comes to sharing social media credentials. They are highly prized by scammers and can be used to assume the identity of the company and the individuals attached. This scam demonstrates the agility of cybercriminals, targeting email inboxes and then transitioning the victim into other platforms where they're less likely to be identified.

On this occasion, Meta was quick to dismantle the scammers website, however the nature of these operations means that other sites will be created in their place as the ‘whack-a-mole’ charade continues between the platform and the scammers that are taking advantage of it.

MailGuard advises all recipients of this email to delete it immediately without clicking on any links. Providing your personal details can result in your sensitive information being used for criminal activity and may have a severe negative impact on your business and its financial well-being.     

MailGuard urges users not to click links or open attachments within emails that:       

  • Are not addressed to you by name.       
  • Appear to be from a legitimate company but use poor English or omits personal details that a legitimate sender would include.       
  • Are from businesses that you were not expecting to hear from, and/or       
  • Take you to a landing page or website that is not the legitimate URL of the company the email is purporting to be sent from.      

Many businesses turn to MailGuard after an incident or a near miss, often as a result of an email similar to the one shown above. If unwanted emails are a problem for your business, don’t wait until it’s too late.  

Reach out to our team for a confidential discussion by emailing expert@mailguard.com.au or calling 1300 30 44 30.

One email is all that it takes     

All that it takes to devastate your business is a cleverly worded email message that can steal sensitive user credentials or disrupt your business operations. If scammers can trick one person in your company into clicking on a malicious link or attachment, they can gain access to your data or inflict damage on your business.     

For a few dollars per staff member per month, you can protect your business with MailGuard's predictive and advanced email security. Talk to a solution consultant at MailGuard today about securing your company's inboxes.  

Stay up-to-date with MailGuard's latest blog posts by subscribing to free updates. Subscribe to weekly updates by clicking on the button below.  

Keep Informed with Weekly Updates