New Phishing Attack Targeting Meta Business Suite Users to Steal Login Credentials

In Cybersecurity News - Original News Source is cybersecuritynews.com by Blog Writer

A large-scale phishing campaign has emerged, exploiting Meta’s Business Suite to compromise credentials across thousands of small and medium-sized businesses worldwide.

Check Point security researchers identified approximately 40,000 phishing emails distributed to more than 5,000 customers, primarily targeting industries including automotive, education, real estate, hospitality, and finance across the U.S., Europe, Canada, and Australia.

The sophisticated attack leverages legitimate Meta infrastructure, making detection substantially more difficult than traditional phishing attempts.

The campaign demonstrates a troubling evolution in threat tactics. Rather than relying on spoofed domains and fake infrastructure, attackers have weaponized Meta’s native Business invitation feature to establish credibility.

This approach exploits user trust in established platforms and circumvents conventional email security filters that typically flag suspicious sender addresses.

Example of a real phishing email we caught (Source: Check Point)

By originating from the legitimate facebookmail.com domain, these messages appear authentic and indistinguishable from genuine Meta notifications.

Check Point security analysts identified the campaign after observing repetitive patterns in email subjects and structure consistent with template-driven mass distribution.

New Phishing Attack

The attackers created fraudulent Facebook Business pages adorned with official Meta branding and logos, then deployed these fake pages to send Business Portfolio invitations containing embedded malicious links.

Recipients were redirected to credential-harvesting pages hosted on domains such as vercel.app, where any login details they entered were captured by the attackers.

The infection mechanism relies on social engineering and the abuse of domain trust. Emails used urgent subject lines such as “Action Required,” “You’re Invited to Join the Free Advertising Credit Program,” and “Account Verification Required” to pressure users into clicking the embedded links.

The messages perfectly mimicked legitimate Meta notifications, including proper formatting and branding elements.

Once victims clicked the links, they were redirected to phishing websites designed specifically to capture login credentials and other sensitive account information.
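As an added illustration (not code from Check Point or the article), the following Python triage rule encodes the two signals the report describes: mail that genuinely originates from facebookmail.com but whose embedded links leave Meta's own domains (such as vercel.app), and the quoted lure subject phrases. The list of Meta link hosts and both sample messages are assumptions constructed for this example.

```python
import re
from email import message_from_string
from email.message import Message
from email.utils import parseaddr
from urllib.parse import urlparse

# Sender domain the campaign abuses (from the report) and the hosts a genuine
# Meta invitation link is expected to stay on (assumption for this example).
META_SENDER_DOMAIN = "facebookmail.com"
META_LINK_HOSTS = ("facebook.com", "meta.com", "fb.com")
# Lure phrases quoted in the report, lower-cased for matching.
LURE_PHRASES = ("action required", "free advertising credit program",
                "account verification required")
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)

def _text(msg: Message) -> str:
    """Concatenate the decoded text/html and text/plain parts of a message."""
    parts = msg.walk() if msg.is_multipart() else [msg]
    chunks = []
    for part in parts:
        if part.get_content_type() in ("text/html", "text/plain"):
            raw = part.get_payload(decode=True) or b""
            chunks.append(raw.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(chunks)

def _on_meta(host: str) -> bool:
    return any(host == d or host.endswith("." + d) for d in META_LINK_HOSTS)

def analyze(raw_email: str) -> dict:
    """Flag a facebookmail.com message whose links leave Meta's domains,
    or whose subject carries the campaign's lure phrasing."""
    msg = message_from_string(raw_email)
    sender_domain = parseaddr(msg.get("From", ""))[1].rsplit("@", 1)[-1].lower()
    subject = (msg.get("Subject") or "").lower()
    hosts = {(urlparse(u).hostname or "").lower() for u in URL_RE.findall(_text(msg))}
    off_platform = sorted(h for h in hosts if h and not _on_meta(h))
    reasons = []
    if sender_domain == META_SENDER_DOMAIN and off_platform:
        reasons.append(f"Meta-originated mail links off-platform: {off_platform}")
    if any(p in subject for p in LURE_PHRASES):
        reasons.append("subject matches campaign lure phrasing")
    return {"suspicious": bool(reasons), "reasons": reasons,
            "off_platform_hosts": off_platform}

# Constructed sample messages (not real campaign artifacts).
PHISH = """From: Meta for Business <notification@facebookmail.com>
Subject: Action Required: You're Invited to Join the Free Advertising Credit Program
Content-Type: text/html; charset=utf-8

<p>Verify now: <a href="https://meta-business-verify.vercel.app/login">Continue</a></p>
"""
BENIGN = """From: Meta for Business <notification@facebookmail.com>
Subject: Someone invited you to their business portfolio
Content-Type: text/plain; charset=utf-8

Review the invitation: https://business.facebook.com/invitation/?token=CONSTRUCTED
"""
```

In a deployed version the destination of each link should be resolved first, since Meta wraps outbound links in its own redirector and the host check must be applied to the final target.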

Organizations should implement multi-factor authentication to prevent unauthorized access even when credentials are compromised.

Additionally, employees must receive training emphasizing credential verification and cautious link evaluation, regardless of sender legitimacy.

Advanced email security solutions incorporating behavioral analysis and artificial intelligence-driven detection provide enhanced protection against this evolving threat landscape.

Direct navigation to official Meta accounts rather than clicking email links represents another crucial defensive measure against these sophisticated credential theft attempts.

