Business
Facebook & Fraud. The Customer isn’t always right
Global Banking & Finance Review®
Company
By Sumit Bansal, VP APAC at BlueVoyant
Fraud scams across social media sites are soaring. Only last month, UK bank TSB said there had been a huge jump in the number of scams originating from Meta-owned sites and apps, releasing research that shows they now account for 80% of cases within TSB’s three largest fraud categories: impersonation, purchase and investment.
Back in April 2021, BlueVoyant identified a rise in Facebook customer service impersonation campaigns targeting customers of several large international banks and their subsidiaries. Threat actors create spoofed customer service accounts pretending to represent these organisations, reeling in unsuspecting customers who sought assistance. Customers fail to recognise that the pages are fake and engage with them, playing right into the threat actors’ hands.
Our team has determined that it is most likely a team of attackers working together – or at least sharing best practices – to carry out this type of scam. They aim to gain access to customers’ bank accounts by contacting customers who find their fraudulent pages and walking them through a series of steps that appear to be in service of helping them with their accounts, but are actually steering them to provide credentials, personally identifiable information (PII), or, worse yet, direct access to their account itself via a screen control app.
In order to increase the legitimacy of the campaign, the impersonated pages are continuously updated with the bank’s original Facebook content, including the most recent posts and uploaded pictures.
Our analysts engaged with the threat actors running these accounts, acting as customers who have been genuinely tricked. They followed the conversations as far as they could without being exposed or handing over access to their accounts.
After getting the customer’s information, the representative asked the customer to download the Anydesk Remote Control app, which provides platform-independent remote access to personal computers and other devices running the host application. It offers remote control, file transfer, and VPN functionality. The actor uses the software to gain access to the customer’s device, which then allows them to bypass 2FAs, conduct illicit transactions, steal PII and so on.
As our analysts are seasoned threat hunters, they rebuffed this demand to see what the next move would be. The threat actors then asked them to attempt a money transfer using Remitly, an online transferring service, to verify their identity. At this point, the conversation broke down, and our analysts withdrew from the ruse.
Ultimately, the burden will fall on the organisation that has been impersonated to rectify the situation. Therefore, it’s imperative that banks and other financial institutions continue to educate their users and continually enhance fraud prevention protocols.
This phenomenon puts customers of numerous banks at risk of becoming victims of fraud, while simultaneously harming the banks’ reputation and violating their privacy policies. Ensure you have a digital risk protection service in place and educate customers on potential threats to avoid damage to your business.
Fraud is an intentional deception made for personal gain or to damage another individual. It often involves misrepresentation or concealment of information.
Impersonation fraud occurs when a scammer pretends to be someone else, often a trusted entity, to deceive victims into providing personal information or money.
Personally identifiable information (PII) refers to any data that can be used to identify an individual, such as names, social security numbers, and addresses.
A screen control app allows a user to remotely access and control another device's screen, often used for technical support or troubleshooting.
Fraud prevention protocols are measures and strategies implemented by organizations to detect, prevent, and respond to fraudulent activities.
Explore more articles in the Business category
