Threat Alert: META-THEMED LURES Harvest User Credentials

• A series of phishing attacks are abusing the Meta brand.
• While the lures impersonate Meta, the sending address is an unassociated Gmail account.
• The lures claim the recipient has violated political ad policies on Meta’s platforms, and the recipients are instructed to follow a link to request to review. 
• The lures allege recipients only have 24 hours to request a review, after which their account may be permanently banned.
• Clicking the link and following the request for review instructions ultimately leads to the harvesting of a recipient’s personal and professional data, as well as the user’s Facebook password and authentication code.

Key Action: Report Suspicious Emails 

• Remain alert to phishing indicators. Mismatches between sending addresses and an organization’s name are always warning signs.
• Remember cybercriminals take advantage of strong emotions. An email warning of permanent account banning is intended to be stressful. Cybercriminals seek to capitalize on moments of anxiety and the difficulty in thinking clearly in such situations.
• Report ANY suspicious emails using the Phish Alarm button.