Facebook has launched a crackdown on cybercrime on its platform after security researchers from Cisco Talos discovered what they called an “online criminal flea market” on the site. They uncovered scores of groups where hundreds of thousands of members oversaw the trade of passwords, credit card information and hacking tools. The news comes as Facebook faces renewed criticism for its failure to moderate violent content, extremism and state-sponsored disinformation campaigns.
Indeed, Facebook has been tasked with putting out numerous dumpster fires in recent months, from Russian misinformation campaigns to neo-Nazi hate speech. Then there was the horror of a live-streamed mass murder in New Zealand.
Meanwhile, run-of-the-mill crooks continue to benefit from the openness of the platform, reaching a wide audience for their illegal offerings. It took a warning from the Cisco cybersecurity unit to get Facebook to remove 74 groups, many of whose 385,000 members were offering a wide array of cybercrime services. Those criminal offerings included stolen credit card details with CVV security numbers, usernames and passwords, and email spamming tools, a Cisco Talos report released Friday revealed. Some of the groups had managed to remain active for eight years.
“These groups violated our policies against spam and financial fraud and we removed them,” a Facebook spokesperson said over email. “We know we need to be more vigilant and we’re investing heavily to fight this type of activity.” Facebook said it was still investigating a number of those running the now-banned groups and had blocked their ability to create new ones.
Martin Lee, outreach manager at Cisco Talos, told Forbes there was no magic bullet for solving the cybercrime problem on Facebook. “Criminals are adept at abusing social platforms. To remove these activities we all need to work together.
“Platform administrators need to play their part in identifying and removing malicious groups. The wider security community must work together to actively share information, take action and inform our customers. But also we need to engage users and encourage them to be proactive in reporting abuse when they encounter it to help take down these groups.”
Facebook algorithm “helps you find spammers”
Anyone with a Facebook account can quickly find groups where criminal services are on offer or credit card information is traded. Just entering searches such as “spam,” “carding,” or “CVV” will typically return multiple results, and once a user joins, Facebook’s algorithm will recommend other groups, exacerbating the problem, Cisco Talos’ report noted. Together, the hubs of illegal activity had created something akin to an “online criminal flea market,” the researchers wrote.
“So far, Facebook has apparently relied on these communities to police themselves, which for obvious reasons, these criminal communities are reticent to do,” the report read. “As a consequence of this, a substantial number of cyber-scammers have continued to proliferate and profit from illegal activities.”
In some startling cases, credit card numbers and the CVV security codes on the back were being sold, sometimes with ID documents or photos of the victims. The cost, Cisco Talos told Forbes, was around $5 to $10 for credit card numbers and $25 to $30 for account log-ins. The researchers also saw some criminals asking to split profits 50/50 for money laundering services.
Other members were using Facebook to sell large email lists for spammers. One was promising to scam Apple customers, with a phishing email that included a fake invoice from the iPhone maker. When users asked to either view or cancel the order, they were taken to a phishing site where they’d be asked for their identifying information.
It’s been another annus horribilis so far for Facebook in terms of privacy, safety and security. It struggled to remove videos of the mass murder at Christchurch, New Zealand, mosques last month. Just weeks later it admitted that it had accidentally left as many as 600 million passwords exposed to its own staff in plain text, before quickly addressing the problem. And this month, a third-party app developer left an Amazon server containing Facebook IDs, account names, comments and post reactions open to anyone with an internet connection.
But it’s not the only platform having to deal with a massive influx of hate speech and illegality. Earlier this year, a Forbes investigation into Discord, a $1 billion-valued communications app aimed at gamers, found it was rife with many of the same breed of cybercriminal seen on Facebook, selling vast numbers of logins and credit card data. Previous reports revealed far-right groups have also migrated to Discord after being banned from mainstream social networks.
The problems have become so varied and voluminous that Facebook, Microsoft and other tech giants are now calling for more government regulation, something that not long ago seemed entirely anathema to the Silicon Valley elite.