Meta Podcast Scam
Meta Podcast Scam
Up next
Author
Tags
Share article
The post has been shared by 0 people.
Facebook 0
X (Twitter) 0
Pinterest 0
Mail 0

“We’d Love to Have You on Our Podcast” – The Business Manager Takeover Scam

That exciting podcast invitation in your inbox? It might be the first step in a sophisticated scheme to hijack your Facebook Business accounts.

A new wave of scammers is targeting business owners and influencers with fake podcast interview requests – not to steal your credit card info, but something potentially more valuable: admin access to your Meta Business Suite.

How This Scam Unfolds

Sarah, a small business owner, recently shared her close call: “The email looked completely legit. They had a professional signature, links to supposed past episodes, and even sent sample questions. I was excited about the exposure for my business.”

The setup is meticulous:

  1. You receive a personalized invitation to appear on a podcast related to your industry
  2. Professional-looking emails follow with scheduling options and prep materials
  3. A calendar invite is sent for a “technical setup call” before the actual interview
  4. During the call, the “producer” keeps their camera off and guides you through “necessary steps” to enable Facebook Live streaming
Read moreFake Stripe Payout Emails Are Targeting WordPress Site Owners Right Now

That final step is where the trap springs.

The Real Target: Your Business Manager Access

What these scammers actually want is for you to add them as an admin to your Meta Business Suite – giving them complete control over:

  • Your Facebook Page(s)
  • Linked Instagram accounts
  • Ad accounts (including payment methods)
  • Any client accounts you manage

Once they have admin access, they can:

  • Lock you out by removing your access
  • Run fraudulent ads using your payment methods
  • Ransom your accounts back to you
  • Sell access to your accounts on the dark web

According to the ACCC’s Scamwatch, business account takeovers increased 85% last year, with average losses exceeding $7,500 per incident.

Red Flags to Watch For

These scammers have polished their approach, but there are still telltale signs:

  • Sudden changes in contacts or communication style
  • Camera-off meetings with background noise or distractions
  • Rushed technical setup with pressure to complete it immediately
  • Guidance to add unknown users to your business accounts
  • Vague answers when asked about their previous content
  • Poor grammar or odd phrasing that wasn’t present in early communications

Protect Your Business With These Steps

Don’t let the excitement of potential exposure cloud your judgment. Here’s how to stay safe:

  1. Verify before trusting. Look up the podcast on multiple platforms. Listen to episodes. Check their social media engagement (not just follower counts, which can be faked).
  2. Never add unknown users to your Business Suite, even “temporarily” or for “technical reasons.”
  3. Establish a verification protocol. Before any collaboration involving account access, request a video call where you can see the other person and verify their identity.
  4. Implement two-factor authentication on all your Meta accounts immediately.
  5. Regularly audit your access permissions. In Business Settings, review “People” and “Partners” monthly to ensure only authorized users have access.

The “Canary Access” Strategy

Consider implementing what cybersecurity experts call a “canary phrase” for your business:

Create a specific phrase or code word that must be used by your team when requesting any admin access changes. For example: “Please add this user under Protocol Bluebird.”

If someone doesn’t use your established phrase when requesting access changes, it’s an immediate red flag – no matter how urgent or legitimate they sound.

What To Do If You’ve Been Targeted

  • If you accidentally gave access: Immediately log into your Business Manager and remove the unauthorized user
  • Change your password and enable two-factor authentication
  • Review all ad accounts for unauthorized spending
  • Report the incident to Meta through their Business Support channel
  • Document all communications for potential legal action

Remember: Legitimate podcasters will never need admin access to your social media accounts to interview you. The most they might request is permission to tag your page – which doesn’t require any access credentials.

Stay smart. Stay safe. Stay ahead.

Has this scam affected you or someone you know? Share your experience in the comments to help others recognize the warning signs.