Welcome to the First Column IT Tech Blog

HomeBlog
New Malware Sets Sights on Stealing Your Facebook Business Account

New Malware Sets Sights on Stealing Your Facebook Business Account

December 13, 2023

With so many businesses putting time and effort to cultivate an active following on social media, it only makes sense that cybercriminals try to get a piece of the pie.

A new malware strain particularly targets Facebook business accounts to run malicious advertising campaigns on your dime.

“Professional” Budget Tracking Templates Spread Social Media Malware

The cybercriminals behind this one definitely understand their audience. They’ve created malware that poses as a free budgeting spreadsheet that users can open up in Microsoft Excel or Google Sheets. So far, most of the cases reported involve the cybercriminals offering the tool via Facebook, specifically to business page admins, through Facebook Messenger. It’s likely that these “resources” can be shared in plenty of other ways as well.

Once opening the file, the malware “NodeStealer” is installed (although in some cases, it came with additional malware that could steal cryptocurrency, disable Microsoft Defender, and more). It then steals your social media credentials, in particular, your Facebook business credentials, and compromises your accounts so criminals can quickly deploy ads using your financial information to spread more malware.

If you’ve ever had any experience trying to work with Facebook to reclaim an account (or get any kind of professional support as a small business on the social network) you probably can guess how painful this can become if your organization values its social media presence.

How to Avoid this Cyberthreat

Like most threats, it comes down to thinking before you click. If someone you don’t know is randomly offering you a free resource, do a little research before you just click on it and download it. If something seems suspicious, it probably is.

Also, make sure you have multi-factor authentication set up for your Google, Facebook, Microsoft, LinkedIn, and Twitter/X accounts, as well as any other accounts that offer it. This is a huge additional layer of security that will keep most bad guys out of your stuff even if your passwords become compromised.

Of course, if you think something has been compromised, you should also update all of your passwords.

Looking to avoid cyberthreats and secure your business? Give us a call at (571) 470-5594 to talk about how we can keep your organization safe.

Previous Post
May 9, 2025
Adjusting Your Business IT Approach Can Bring Greater Outcomes
Is your business technology a tangled web of frustrations? You're certainly not navigating this digital dilemma alone. We frequently hear from organizations grappling with sluggish networks, outdated software that feels like a relic from the dial-up era, and the ever-present anxiety of safeguarding crucial business data.
May 7, 2025
A Quick Introduction to the Drives in Microsoft Windows
Windows is, for the most part, the default operating system you can expect to see in a business setting. That said, some owners have never used a Windows computer before, instead using a simple Chromebook or a Mac. Still, it’s good to know how Windows works, especially since it seems there’s a significant gap in knowledge.
May 5, 2025
How Your Business Can Implement Better Cybersecurity Training Practices
Cybersecurity isn’t the most fun thing to talk about, but it’s still important. This is especially for your employees who are on the front lines, the most likely folks to encounter threats during their day-to-day tasks. Today, we want to cover how your business can build better cybersecurity training practices that can keep your business secure for the long haul.

Have a project in mind?

Start with our free consultation for VA, DC and MD companies. We will provide a detailed proposal and firm quote based on your specific IT support needs. All at a predictable monthly cost per seat.
Free Consultation - Sign Up Here