Beware of fake Facebook copyright notices

Happy Valentine's Day Friday!

…or Happy Singles Awareness Day—whatever your situation!

This latest attack targeting Facebook users is particularly relevant today. Why, you ask? Well, did you know that Facebook originally started on college campuses as a way for students to check if their classmates were single or in a relationship? Creepy, right? Who knew it would grow into the global platform it is today? According to Check Point Research (CPR), cybercriminals are exploiting Salesforce’s automated mailing service to distribute phishing emails that appear to come from noreply@salesforce.com. This gives the scam an added layer of legitimacy. These emails feature counterfeit Facebook branding and falsely accuse recipients of copyright infringement—such as unauthorized use of copyrighted music, images, artwork, or videos. The message warns that your account may be restricted, limiting your ability to post, live stream, or advertise unless you contest the claim immediately. 🚨 Red Flag: A sense of urgency is a classic phishing tactic Clicking the provided link takes you to a convincing fake Facebook login page that prompts you to enter your credentials to "Request a Review." In reality, this hands over your login information to attackers. The Takeaway If your business relies on Facebook, falling for this scam can allow attackers to hijack admin accounts, alter content, manipulate messaging, delete posts, and modify security settings. The consequences?

• Loss of client trust

• Customer attrition

• Potential legal action

For businesses in regulated industries like government contracting, healthcare, and finance, a breach could lead to compliance violations, hefty fines, and legal challenges.

Is your business prepared? Check your incident response plan (IRP) to ensure it includes:

• Steps for recovering compromised social media accounts

• Have alerts for suspicious logins

• Clear criteria for "unusual account activity"

• Social media security training for employees

These strategies can significantly reduce your vulnerability to this and future social media account takeover campaigns.

Stay safe out there.

-Attila

PS. How Secure is Your Business? Find Out in Minutes.

Cybersecurity isn't just about firewalls and software—your employees are your first and last line of defense. But how prepared are they to spot threats, follow best practices, and respond under pressure?

The Riskara 360 Employee Security Risk Assessment helps you uncover hidden vulnerabilities in your workforce by evaluating four key areas:

1. 🧭 Awareness – Do your employees recognize cybersecurity risks and follow workplace security protocols? 

2. 🏃‍♂️ Behaviors – Are security best practices part of their daily routine, or are they just checking boxes?

3. 💪 Habits  – Which security actions have become second nature—and which still need reinforcement?

4. ☂️ Resilience – How well does your team adapt and respond to cyber threats, social engineering, and security incidents?
   

   Visit riskara.com for more information.

New Friday Funnies

Did Adam and Eve ever have a date?

No, they had an apple.

Do you have a date for Valentine's Day?

Yes, it's February 14.