Social Platforms Face Scrutiny Over Scam Advertising and Messaging-Facilitated APP Fraud
Meta said it is pursuing legal action against advertisers it alleges ran celeb-bait scam ads on its platforms, including defendants based in Brazil, China, and Vietnam. Meta reported suspending the advertisers’ payment methods, disabling related accounts, and blocking domains used in the campaigns, which allegedly misused celebrity images/voices (including synthetic media) to drive victims to scam sites that harvest sensitive data or solicit money via fraudulent products and investment schemes; Meta also said it sent cease-and-desist letters to marketing consultants promoting services to bypass ad-policy enforcement (e.g., “un-ban” services and renting access to trusted accounts).
Separately, a Revolut report on Authorised Push Payment (APP) fraud found scam origination increasingly tied to encrypted/direct messaging channels, with Telegram exceeding 20% of reported scam origination and showing significant growth versus 2024, while Meta-owned platforms collectively remained the largest source at 44%. The report highlighted category concentration by platform, including Telegram and WhatsApp accounting for major shares of investment and job scams (with Telegram cited as over 58% of job scams), reinforcing that a large portion of financial fraud is initiated on social and messaging platforms and prompting calls for stronger platform accountability.

Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
4 events from the most recent confirmed update back to the earliest known activity.
Gen Digital details scam-ad evasion methods on Meta platforms
Gen Digital published research describing how scam advertisers on Meta platforms use multi-link ads, URL masking, typosquatting, deceptive subdomains, Unicode obfuscation, and hidden impersonation to evade moderation. The report said ad-by-ad takedowns are too limited and called for stronger advertiser verification, better destination transparency, and campaign-level disruption.
Meta files lawsuits against advertisers behind celeb-bait scams
Meta announced legal action against deceptive advertisers in Brazil, China, and Vietnam accused of running celeb-bait and cloaking-based scam campaigns on its platforms. The company said it also suspended payment methods, disabled related accounts, blocked scam domains, and sent cease-and-desist letters to consultants offering ad-policy evasion services.
Revolut calls for platforms to share accountability for APP fraud
Alongside its fraud findings, Revolut said financial institutions cannot solve authorised push payment fraud alone and urged mandatory accountability for the online platforms where scams originate. The report also highlighted Meta-owned platforms as the largest overall source of reported APP scams and noted a sharp rise in TikTok-originated scam reports.
Telegram becomes top source of reported job scam activity
Revolut reported that Telegram generated over 20% of authorised fraud origination and overtook WhatsApp in reported scam cases. The company said Telegram's share of scam cases grew by more than 30% compared with 2024 and that the platform accounted for the majority of reported job scams.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
3 references tracked. Mallory keeps watching after this page renders.
Gen Blogs | The Scam Ad Machine: Part II
gendigital.com
Open sourceMeta Files Lawsuits Against Brazil, China, Vietnam Advertisers Over Celeb-Bait Scams
thehackernews.com
Open sourceTelegram rises to top spot in job scam activity - Help Net Security
helpnetsecurity.com
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.


