Skip to main content
Meet us at Black Hat USA 2026— Las Vegas, August 1–6Book a Meeting
Mallory
Back to intelligence
identity-impersonation-fraudfinancial-sector-threatenforcement-actionai-enabled-threat-activity

Social Platforms Face Scrutiny Over Scam Advertising and Messaging-Facilitated APP Fraud

Updated 2d agoFirst seen Feb 27, 20263 sources

Meta said it is pursuing legal action against advertisers it alleges ran celeb-bait scam ads on its platforms, including defendants based in Brazil, China, and Vietnam. Meta reported suspending the advertisers’ payment methods, disabling related accounts, and blocking domains used in the campaigns, which allegedly misused celebrity images/voices (including synthetic media) to drive victims to scam sites that harvest sensitive data or solicit money via fraudulent products and investment schemes; Meta also said it sent cease-and-desist letters to marketing consultants promoting services to bypass ad-policy enforcement (e.g., “un-ban” services and renting access to trusted accounts).

Separately, a Revolut report on Authorised Push Payment (APP) fraud found scam origination increasingly tied to encrypted/direct messaging channels, with Telegram exceeding 20% of reported scam origination and showing significant growth versus 2024, while Meta-owned platforms collectively remained the largest source at 44%. The report highlighted category concentration by platform, including Telegram and WhatsApp accounting for major shares of investment and job scams (with Telegram cited as over 58% of job scams), reinforcing that a large portion of financial fraud is initiated on social and messaging platforms and prompting calls for stronger platform accountability.

Share:
Social Platforms Face Scrutiny Over Scam Advertising and Messaging-Facilitated APP Fraud
Stay ahead

Get ahead of threats like this

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.

EVENT TIMELINE

How this story unfolded

4 events from the most recent confirmed update back to the earliest known activity.

4 EVENTS
Mar 20, 20263mo ago

Gen Digital details scam-ad evasion methods on Meta platforms

Gen Digital published research describing how scam advertisers on Meta platforms use multi-link ads, URL masking, typosquatting, deceptive subdomains, Unicode obfuscation, and hidden impersonation to evade moderation. The report said ad-by-ad takedowns are too limited and called for stronger advertiser verification, better destination transparency, and campaign-level disruption.

Feb 27, 20264mo ago

Meta files lawsuits against advertisers behind celeb-bait scams

Meta announced legal action against deceptive advertisers in Brazil, China, and Vietnam accused of running celeb-bait and cloaking-based scam campaigns on its platforms. The company said it also suspended payment methods, disabled related accounts, blocked scam domains, and sent cease-and-desist letters to consultants offering ad-policy evasion services.

Feb 26, 20264mo ago

Revolut calls for platforms to share accountability for APP fraud

Alongside its fraud findings, Revolut said financial institutions cannot solve authorised push payment fraud alone and urged mandatory accountability for the online platforms where scams originate. The report also highlighted Meta-owned platforms as the largest overall source of reported APP scams and noted a sharp rise in TikTok-originated scam reports.

Telegram becomes top source of reported job scam activity

Revolut reported that Telegram generated over 20% of authorised fraud origination and overtook WhatsApp in reported scam cases. The company said Telegram's share of scam cases grew by more than 30% compared with 2024 and that the platform accounted for the majority of reported job scams.

LINKED ENTITIES

Related entities

Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.

22 LINKEDOpen in app
Affected products
5 linked
FacebookTelegramWhatsappInstagramTiktok
Organizations
17 linked
Meta PlatformsB&B Suplementos e Cosméticos Ltda.Shenzhen Yunzheng Technology Co., LtdBrites Academia de Treinamento Ltda.RevolutAmazon Web ServiceseBayOktaAvastBritish Broadcasting CorporationShopifyReutersInfobloxSygniaAEZA GroupAliExpressEtsy
The operational view lives in Mallory

See the full picture, correlated to your attack surface.

This page covers what’s public. Mallory adds the parts that aren’t — which of your assets are affected, which threat actors are using it right now, which detections to deploy, and what to do next.
Exposure mapping

Map indicators from this story to your assets and identify affected systems in minutes.

Threat actor evidence

Every observed campaign, victim, and pivot linked to actors named in this story.

Associated malware

Malware, exploits, and IOCs connected to the activity described here.

Detection signatures

YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.

Scheduled alerts

Get matching new stories delivered to your team as they break — not the next morning.

AI threads

Ask questions about this story and take action on the answers.

Social Platforms Face Scrutiny Over Scam Advertising and Messaging-Facilitated APP Fraud | Mallory