Digital Safety Helpdesk
Back to News

Fake Meta Business Manager App is a Hacking Tool!

Written by
SMEX
Published on
05 Jan 2023

Earlier this month, our Digital Safety Helpdesk received a message from a business owner whose Facebook and Instagram accounts were hacked. Shortly after, Meta suspended her accounts for violating the terms of conduct. It turned out that the hacker had posted sexual content on her profiles.

What happened?
The user tried to download Meta’s Business Manager app that helps manage social media accounts under Meta. Upon searching the app’s name on the Apple store, the user downloaded the first application she found. The app looked almost the same as the official one, with the same name and a very similar logo to the official application by Meta, you can see below. Unfortunately, the downloaded app was in fact a hacking tool. Once the user entered her Facebook and Instagram credentials, she lost all access to her Facebook page, her Instagram account and her WhatsApp number was banned.

The official logo of Business Manager by Meta.

 

The logo of the malicious app replicating Business Manager.

 

How did we help?
The Helpdesk team conducted a forensic analysis to identify how her Meta accounts were hacked and why they were suspended. We found out that the downloaded malicious app was the reason behind what happened. We then contacted Meta’s team to explain the situation and help the user regain access to her accounts.

How to protect your online accounts against hacking attempts?

  • Make sure you always double check and research the application you want to download before entering any account’s password, even if it is from an official source like Apple store or Google Play.
  • Always check the developers’ details: Verify the developer by checking their official name, searching reviews about them, and check whether they have other valid apps on the store.
  • Activate Two-Factor Authentication(2FA) on all accounts to avoid such hacking attempts.
  • Use a password manager that would notify you when an application is malicious.

If you suspect that your account has been compromised, please do not hesitate to contact the Digital Safety Helpdesk at SMEX.

The Digital Safety Helpdesk can be reached on:

This article can be found in Arabic here.
SMEX

About the author

SMEX is a registered Lebanese NGO that works to advance self-regulating information societies in the Middle East and North Africa.