Counterfeiters, identity thieves, spammers and scammers have been using Facebook to sell their services, even after a crackdown last year, according to a new report. Talos, the cybersecurity research agency, found that dozens of Facebook groups were "shadowy (at best) and illegal (in the worst case)," with names like "Facebook hack (Phishing)." and "Spammer & Hacker Professional". The groups have been closed. below, but Talos is asking Facebook to monitor the suspected groups more proactively, complaining that "these communities are apparently trusted to control themselves."
The Talos report highlights 74 groups with a total of 385,000 members. Facebook users can search the groups by searching for keywords, such as "spam" or "carding", and Talos says that if a user joined one, Facebook would recommend related groups automatically, "make the new places of criminal meetings are even easier to find. " Some members posted stolen credit card numbers when publishing the victims' driver's licenses, and others posted requests for help transferring large sums of money or accessing computer networks.
Some sellers simply seemed to be ripping off buyers, not offering real services. But Talos linked some of the publications with real spam or phishing campaigns. Facebook has had a long-term problem with cybercrime. In 2018, security researcher Brian Krebs found 120 private groups with 300,000 members offering botnets, fraudulent tax refunds and other illegal services. Facebook eliminated the groups shortly after being alerted. But another researcher, Justin Shafer, alerted the motherboard about more examples, some of which had been operating for years. Talos says he found several new operations with names that were "remarkably similar, if not identical," to those on the Krebs list.
Facebook tells The Verge that it eliminated the groups after Talos exposed them, and Continues looking for related accounts or groups. "These groups violated our policies against spam and financial fraud and we eliminated them. We know we have to be more vigilant and we are investing heavily to combat this type of activity, "said a spokesman, who says that most of the groups were created in 2018.
Talos offers a less flattering account of the takedowns, saying that Facebook's abuse teams initially left some groups, opting only to eliminate specific publications. "Eventually, through contact with the Facebook security team, most of the Malicious groups were quickly eliminated, however, new groups keep popping up, and some are still active from the date of publication, "he says.
Facebook has more than 2 billion users, and it's not surprising that criminals try to attract customers there. (Groups can also be abused in more subtle ways: the addiction support pages, for example, they can be exploited by predatory treatment centers). The big question is how these bad actors can be eliminated more quickly, or they can be prevented from creating these groups in the first phase. place. For now, Talos says he continues to work with Facebook to identify groups for elimination.