Facebook has released its quarterly threat report, which outlines the efforts made by its security researchers to protect businesses against malware. According to the report, Facebook has identified hundreds of threat actors globally and has discovered nearly ten new malware strains this year alone, including some that are disguised as ChatGPT browser extensions and productivity tools.
When Facebook identifies new malware, it takes swift action to combat it and shares information about it with industry partners to help prevent further attacks. In the last few months, Facebook has blocked and shared over 1,000 malicious links with its partners and reported several suspicious browser extensions and mobile apps.
Recently, Facebook disrupted a campaign that was using people’s interest in Open AI’s ChatGPT to trick them into installing malware. As a result of this detection, both Facebook’s security teams and industry partners have seen malicious actors shifting their tactics to other themes, such as posing as Google Bard, TikTok marketing tools, pirated software and movies, and Windows utilities. Nathaniel Gleicher, Facebook’s Head of Security Policy, noted this trend and reaffirmed the company’s commitment to combating malicious activities and keeping its users safe.
According to Nathaniel Gleicher, head of security policy at Facebook, malicious groups often target personal accounts connected to business pages and advertising products before launching attacks on the businesses themselves. These groups may design their malware to target a specific online platform, making it more challenging to detect and combat.
To help businesses prevent and recover from malware attacks, Facebook has launched several new initiatives. These include a new support tool that provides step-by-step guidance on how to identify and remove malware, a verification process for connected Business Manager accounts, and increased authorization requirements for sensitive account actions such as accessing credit lines or changing business administrators.
Later this year, Facebook plans to introduce Meta Work accounts, which will allow business users to log in and operate Business Manager without requiring a personal account. This measure aims to prevent malicious groups from targeting personal accounts to gain control of business pages.
To further promote the security of Business Manager accounts, Facebook is also releasing a best practices guide. This guide includes recommendations such as installing anti-virus software, enabling two-factor authentication, using unique passwords, turning on login alerts, and reviewing previous sessions.
By implementing these measures, Facebook hopes to better protect businesses from malware attacks and help them recover quickly if an attack does occur.