This Is How Scammers Can Hack Your Facebook by Promising Monetization
भदौ १९, २०८२ १२:४२
Kathmandu: Meta officially launched its content monetization service in Nepal this week, adding the country to its list of monetization-eligible markets. With this, Nepali Facebook users, especially professional accounts and page operators, can now earn money by posting content.
At the same time, scam activity linked to monetization has started to rise. Gangs posing as copyright enforcers or Meta representatives are attempting to hijack Facebook accounts and pages. On Tuesday evening, comedian Manoj Gajurel revealed that he had received a phishing email. “Since Facebook monetization was enabled in Nepal, scammers and hackers are on the rise. They send fake messages as if they came directly from Facebook,” he said.
The screenshot he posted showed an email from someone named Bhagya Shah, sent from an ieee.org domain. The fact that a phishing link came through the address of a trusted organization like IEEE (Institute of Electrical and Electronics Engineers) has raised suspicions.
Cybersecurity experts say this is an example of email spoofing, a cyberattack where hackers forge the sender’s address. This tricks recipients into believing the email is from a trusted source such as a bank, colleague, or well-known company. The goal is usually to steal personal data, install malware, or commit financial fraud.
A search for Bhagya Shah led to a Facebook profile claiming affiliation with the “IEEE Student Chapter, NIT Surat.” The profile appeared to be connected to IEEE, suggesting that the user’s email may have been hacked and used to send phishing messages.
Alongside phishing, scammers are also trying to hijack Facebook profiles and pages by exploiting the new monetization feature. They pose as Meta support, offer to boost posts or “set up” monetization, and then demand admin access to pages. Once access is granted, they take full control.
Some even leave fake reviews on pages, warning administrators that their content has violated copyright rules. These reviews claim that unless settings are “fixed,” the page will be permanently disabled. If the page owner follows the instructions and hands over cached login data, the scammers hack the page.
Fraudsters also create pages with misleading names such as Notification, Meta for Business, or simply Meta. From these pages, they send threatening messages claiming that the user’s page is about to be disabled. Out of fear, many victims follow the instructions, only to lose control of their accounts.
पछिल्लो अध्यावधिक: भदौ १९, २०८२ १२:४२
