Security researchers at Trustwave discovered a new hacking strategy that utilizes fake ads to lure unsuspecting Facebook users to download malware on their Windows PCs.

The hackers are allegedly creating new Facebook business accounts or hijacking existing ones to increase their victims.

Read Also: Clicked on a Suspicious Link? Here's What to Do Next

Fake Facebook Ads Targets Vulnerable PC Users

According to researchers, hackers are now establishing fake ads that promote downloads of pirated games and software. Some of the suspicious ads included downloads for Sora AI, 3D Image Creator, and One Click Active.

Bleeping Computer obtained sample screenshots of the fake ads, wherein most of them promote free downloads and activation keys for popular applications. The ads are uploaded through newly created Facebook business pages or hacked accounts.

Hackers would take control of an existing business page and will rename it based on the advertisement. Some users could be easily deceived especially if the hijacked account holds a huge following.

"The threat actors assume the business identity by renaming the Facebook pages, this allows them to leverage the existing follower base to amplify the reach of their fraudulent advertisement significantly," Trustwave reported.

Fake Facebook Ads Malware Strategy Traced in Vietnam, Philippines

Trustwave revealed that most of the pages are commonly administered by individuals from Vietnam and the Philippines. The hackers often take measures to create thousands of ads for each campaign.

Once users click on the ad, they will be redirected to webpages that are hosted by Google Sites or True Hosting, posing to be a legitimate download page for the promised content.

A ZIP archive file will be downloaded to the browser which contains renamed files for the promised content. However, the file contains the SYS01 information-stealing malware which could easily steal data and infect the computer.

Related Article: How to Protect Yourself Immediately When Your Data is Breached