Cybercriminals posing as Facebook technical support staff have been found targeting high-profile users to steal their account credentials.

To phish prominent personalities, celebrities, businesses, sports teams, and individual users, cybercriminals generated over 3,200 fraudulent profiles, the majority of them imitating the profiles of Meta employees. According to a blog post by cybersecurity company Group-IB, the scammers deceived victims by pretending to be Meta’s technical staff and asking users either to submit their data voluntarily on a phishing website or to send their browser cookies, supposedly to prevent their profiles from being blocked.

Cybercriminals use attention-grabbing messages to entice potential victims, claiming that the posts were “written” by Meta/Facebook support personnel. In these posts, which also contain links to phishing websites, they tag dozens of other pages, according to the article. Scam posts become visible to potential victims in their newsfeeds, in their notifications, or when they search for the name of a person or business that has been tagged. The campaign’s objective is to break into high-profile users’ Facebook accounts and then use the Facebook login information to target the person’s other social media and financial accounts. The effort is still active and will last through February and March 2023.

Once they have the login information, scammers can use the hijacked accounts to gather the login information of other users. In some cases, attackers have been found to turn compromised profiles into phishing profiles to broaden their reach. Con artists were seen using phrases such as “account,” “retrieval,” or “recovery” to entice new victims.
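The indicators described above (a post claiming to come from Meta support, recovery-themed wording, a threat that the account will be blocked, and a link that leads off Facebook/Meta) can be turned into a simple triage heuristic for a trust-and-safety or brand-protection team reviewing reported posts. The script below is an added example and is not code from Group-IB or from the article; the official-domain allowlist, the phrase lists, and the three sample posts are constructed assumptions for illustration.

```python
import re
from urllib.parse import urlparse

# Assumption: the defender maintains this allowlist of genuine Meta domains.
OFFICIAL_DOMAINS = {"facebook.com", "meta.com", "fb.com", "messenger.com"}

# Wording the article associates with the campaign (support impersonation,
# recovery-themed lures, threats of blocking). Phrase lists are illustrative.
IMPERSONATION_PHRASES = ("meta support", "facebook support", "technical support",
                         "security team", "meta team")
LURE_WORDS = ("account", "retrieval", "recovery")
URGENCY_PHRASES = ("will be blocked", "will be disabled", "permanently",
                   "within 24 hours")

URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)


def extract_domains(text):
    """Return the hostnames of every URL found in the post text."""
    return [(urlparse(url).hostname or "").lower() for url in URL_RE.findall(text)]


def is_official(host):
    """Exact or proper-subdomain match only: 'facebook.com.evil.example' is NOT official."""
    return any(host == d or host.endswith("." + d) for d in OFFICIAL_DOMAINS)


def score_post(text):
    """Return (score, reasons) where score counts independent phishing indicators."""
    t = text.lower()
    reasons = []
    if any(p in t for p in IMPERSONATION_PHRASES):
        reasons.append("claims to be Meta/Facebook support")
    if sum(1 for w in LURE_WORDS if w in t) >= 2:
        reasons.append("recovery-themed lure wording")
    if any(p in t for p in URGENCY_PHRASES):
        reasons.append("threatens account block or disablement")
    external = sorted({h for h in extract_domains(text) if h and not is_official(h)})
    if external:
        reasons.append("links off-platform: " + ", ".join(external))
    if "cookie" in t:
        reasons.append("asks for browser cookies")
    return len(reasons), reasons


def triage(posts, threshold=2):
    """Return the indexes of posts that hit at least `threshold` indicators."""
    return [i for i, p in enumerate(posts) if score_post(p)[0] >= threshold]


# Constructed sample posts (not real posts from the campaign).
SAMPLE_POSTS = [
    "URGENT: This is Meta Technical Support. Your page violated our terms and "
    "will be blocked within 24 hours. Submit an account recovery request at "
    "https://meta-support-verify.example.net/recovery or it will be permanently disabled.",
    "Hey everyone, reset your password via https://www.facebook.com/settings "
    "if you haven't in a while.",
    "Meta Team notice: confirm ownership at "
    "https://www.facebook.com.account-recovery.example.org/ to keep your account.",
]

if __name__ == "__main__":
    for i, post in enumerate(SAMPLE_POSTS):
        score, reasons = score_post(post)
        print(f"post {i}: score={score} {reasons}")
    print("flagged:", triage(SAMPLE_POSTS))
```

The third sample shows why the domain check compares the registrable suffix rather than looking for the substring “facebook.com”: a host such as `www.facebook.com.account-recovery.example.org` contains the brand name but is not a Meta property, so it is scored as an off-platform link.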

“This phishing campaign’s potential reach represents its true risk,” the post stated. “Fans of a certain page who subscribed before the scammers took over the account are converted into potential victims after account takeover, which might result in an exponential increase in the number of victims.”

In total, the Group-IB analysis found more than 3,200 fraudulent profiles, and more than 220 phishing websites impersonating legitimate Meta and Facebook webpages were used to entice potential victims.