In its quarterly threat reporting, Facebook announces what its team has been doing to help protect businesses against malware. The company says its security researchers have found hundreds of threat actors around the world over time. This year alone, they found nearly ten new malware strains, including those posing as ChatGPT browser extensions and productive tools.
When Facebook detects new malware, it takes action against it and shares it with industry peers about what they can do to prevent malware from attacking them. Since March, the company says it has blocked and shared more than 1,000 malicious links with its partners and reported several browser extensions and mobile apps.
“For example, one of the campaigns we recently disrupted leveraged people’s interest in Open AI’s ChatGPT to lure them into installing malware. In response to detection by our security teams and also our industry peers, we’ve seen bad actors quickly pivot to other themes, including posing as Google Bard, TikTok marketing tools, pirated software and movies, and Windows utilities,” said Nathaniel Gleicher, head of security policy of Facebook.
To attack businesses, Gleicher explains that these malicious groups often first go after the personal accounts of people who manage or are connected to business pages and advertising products. “Threat actors may design their malware to target a particular online platform, including building in more sophisticated forms of account compromise than what you’d typically expect from run-of-the-mill malware.”
With that in mind, Facebook not only does want to stop the most malware attacks it can, but it also will help businesses regain their access and make sure they don’t suffer from a phishing attack again with these steps:
- New malware removal support: To help businesses that may have unknowingly self-compromised their devices, Facebook is launching a new support tool that guides people step-by-step through how to identify and remove malware, including using third-party antivirus tools;
- Verifying connected Business Manager accounts: Facebook is making it easier for businesses to have more visibility and control over administrator changes in Business Manager. For example, businesses can create restrictions to only allow admins from trusted, selected domains and more effectively audit people’s access through a new active or inactive status filter to assess the status of admins;
- Increasing protections for sensitive account actions: Facebook is expanding authorization requirements for sensitive business account actions like accessing credit lines or changing business administrators by asking to authenticate with 2FA, email verification, or co-worker approval.
- Meta Work accounts: Later this year, Meta Work accounts will be rolled out and will allow business users to log in and operate Business Manager without requiring a personal account to prevent malicious groups from tackling personal accounts to gain control of business pages.
In addition, to prevent businesses from malware attacks, Facebook is announcing a best practices guide for keeping Business Manager accounts secure, such as installing anti-virus software, enabling two-factor authentication, using a unique password, turning on log-in alerts, and reviewing previous sessions.