Slug phishing campaign hijacks genuine Meta business function to send scam emails – as they really come from Meta’s own address


  • Huntress Uncovers Phishing Campaign Abusing Meta’s Corporate Account Email Infrastructure and Mimicking the Meta Agency Partner Program
  • Victims were tricked into handing over credentials that attackers exfiltrated to Telegram for account takeover, scam ads and targeted phishing
  • The meta has since added bumper cars that killed the campaign; Huntress released IoCs to help organizations discover related activity

Hackers abuse one and pretend to be another legitimate Meta service to try to steal login information for people’s business accounts with the company.

Meta, the owner of Facebook, Instagram, WhatsApp and more, allows businesses to create separate accounts and talk to each other. The emails sent from one to the other pass through the company’s infrastructure, meaning they come from Meta itself.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top