Meta on Thursday said it’s taking legal action to tackle scams on its platforms by filing lawsuits against what it calls deceptive advertisers based in Brazil, China, and Vietnam.
As part of the effort, the advertisers’ methods of payment have been suspended, related accounts have been disabled, and the website domain names used to pull off the scams have been blocked.
Concurrently, the social media giant said it has also issued cease and desist letters to eight marketing consultants who advertised the ability to bypass its ad policy enforcement systems. This included fake “un-ban” or account restoration services and renting access to trusted accounts so as to help clients bypass its controls.
At least three advertisers, two from Brazil and one from China, were found to engage in celeb-bait scams, which often involve misusing the image of well-known figures to trick people into clicking on bogus ads that lead to scam sites. These websites are designed to harvest sensitive data or dupe unsuspecting users into sending money or investing in fake platforms.
The three advertisers against whom Meta has filed lawsuits are listed below –
- Brazil-based Vitor Lourenço de Souza and Milena Luciani Sanchez are being sued for using altered images and voices of celebrities to promote fraudulent healthcare products.
- Brazil-based B&B Suplementos e Cosméticos Ltda. (Brites Corp), Brites Academia de Treinamento Ltda., Daniel de Brites Macieira Cordeiro, and José Victor de Brites Chaves de Araújo for being part of a scam operation that leveraged synthetic imagery of a prominent physician to advertise healthcare products without regulatory approval and sold courses teaching the same tactics.
- China-based Shenzhen Yunzheng Technology Co., Ltd for using celeb-bait ads to target people in various countries, including the U.S. and Japan, as part of a fraud scheme designed to lure them into joining investment groups.
“To fight celeb-bait scams, we developed protections for celebrities whose images are repeatedly used in these schemes,” Meta said. “This program currently protects the images of more than 500,000 celebrities and public figures around the world.”
In addition, the company noted that it sued Vietnam-based advertiser Lý Văn Lâm for using cloaking techniques to get around its review process. Cloaking refers to an adversarial technique that aims to conceal the true nature of a website linked to an ad in an attempt to fool ad review systems by serving one version of its content during the review and showing an entirely different and malicious content to real users.
In this case, the advertiser is said to have used scam ads to offer discounted items from well-known brands in exchange for completing a survey. People who interacted with these ads were taken to phony websites where they were asked to enter credit card information to purchase items that were never delivered. Their credit cards also incurred unauthorized, recurring fees, a practice known as subscription fraud.
The development comes months after a Reuters investigation found that 19% of Meta’s $18 billion in ad sales in China in 2024 came from ads for scams, illegal gambling, pornography, and other banned content. The report also uncovered agencies that allow businesses to run banned advertisements, prompting the company to put its Badged Partners program under review.
In an analysis of 14.5 million ads running on Meta platforms across the E.U. and U.K. over a 23-day period, Gen Digital found that nearly one in three of those ads (about 30.99%) pointed to a scam, phishing, or malware link.
“In total, scam ads generated more than 300 million impressions in less than a month,” the cybersecurity company said earlier this month. “The activity was highly concentrated, with just 10 advertisers responsible for over 56% of all observed scam ads. Repeated campaign clusters were traced to shared payment and infrastructure linked to China and Hong Kong, indicating organized, industrial-scale operations rather than isolated bad actors.”
These findings also coincide with the discovery of malicious infrastructure and underground services that have been used to peddle various kinds of scams –
- Scams have been found to combine malvertising and pig butchering fraud models to defraud victims, primarily those in Japan, by tricking them into clicking on investment-themed ads on social media. These ads redirect victims to websites that prompt them to engage with a supposed expert via messaging apps by scanning a QR code.
- Once victims are added to one-on-one and group chats with these so-called experts, who are nothing but artificial intelligence (AI)-powered chatbots in some cases, they are persuaded to invest progressively larger amounts of money, only to demand a “release fee” to unlock non-existent profits. More than 23,000 domains within this ecosystem have been discovered.
- Threat actors are compromising routers to alter DNS settings to use shadow resolvers hosted in Aeza International, a bulletproof hosting company (BPH) sanctioned by the U.S. Government in July 2025. This unauthorized modification is engineered to selectively alter DNS responses associated with Okta and Shopify, allowing the operators to direct users to scam and malware content by means of an HTTP-based traffic distribution system (TDS).
- A malicious push notification network has been observed using a network of malicious domains to target Android Chrome users all over the world with a steady stream of unwanted push notifications (e.g., “Android infected with malware!” or “System needs a scan”) after obtaining permissions in a bid to direct to scam sites and adult content. According to data from Infoblox, Bangladesh, India, Indonesia, and Pakistan represented 50% of all the traffic.
- A network of over 150 cloned, fake websites has been identified impersonating real law firms based in the U.S. and the U.K., and targeting users looking for legal advice and representation to promote a business impersonation scam.
- “The sites used the firm’s name, branding, and publicly available attorney identities, presenting themselves as legitimate legal and asset-recovery services, offering to help victims recover funds lost to prior fraud,” Sygnia said. “The campaign targeted individuals who had already suffered financial fraud.”
The proliferation of scams, fueled by a booming pig butchering‑as‑a‑service (PBaaS) economy, has not escaped law enforcement’s attention, as evidenced by the dismantling of scam compounds in Southeast Asia in recent months.
Earlier this month, the Cambodian government promised to crack down and dismantle cyber scam networks operating within its borders, adding that police officials launched 48 operations in the first nine months of 2025 to combat cyber fraud, arrested 168 people, and deported 2,722 people back to their home countries.
The ongoing efforts have cut scam activity in half since the start of this year, Senior Minister Chhay Sinarith, chairman of the Secretariat of the Commission for Combating Technology Crimes, was quoted as saying this week. Cambodian Prime Minister Hun Manet also acknowledged that online scam centres operating in the country are damaging the country’s reputation and undermining its economy.
