Threat Alert: Meta/Facebook Impersonation

• Recent phishing campaign involve a legal complaint sent allegedly on behalf of Meta/Facebook.
• The lure is sent from a look alike Facebook domain (Helps-facebook[.]com) and includes a subject line indicating urgent action is required to address an issue of copyright infringement.
• The message contains threats of legal action and account suspension due to an alleged image upload that violated community standards.
• To avoid the threatened consequences, recipients are directed to view an attached password protected PDF within 24 hours.
• If the link to the PDF is clicked, the download of password-protected executable to deliver malware is initiated.

Key Action: Report Suspicious Emails 

• Keep in mind that cybercriminals regularly abuse legitimate services like Facebook. If you see an unexpected email linking you to an unknown document, it should be regarded as potentially malicious.
• Remember cybercriminals take advantage of strong emotions. This campaign uses a look alike sending domain to increase the perceived authenticity of the messages. It also uses the threat of legal action and urgency to manipulate recipients into acting quickly. 
• Report ANY suspicious emails using the Phish Alarm button.