Thursday, May 2, 2019
When you think of a cybercriminal, you probably picture someone in a black hoodie in a dark room on the dark web, but most cybercriminals are out there in plain sight, including on Facebook.
Talos,a cybersecurity firm, found that people can easily joinFacebook groups, and then participate in cybercrime including buying andselling credit card info, obtaining spamming tools, or even getting accountlogins and passwords. All in all, these groups have almost 400,000 members.
Thoughthat does sound like a lot, and it is a lot, you also have to remember thatFacebook has about 2 billion users logging into the site each month. With thatnumber of people, it is difficult for the social media giant to deal with thesegroups.
Thefailure of Facebook to remove these cybercriminals shows that it is strugglingto keep bad online behavior at bay, and this also include hate speech, incitingviolence, and sharing false information. This also, of course, show how thisbehavior can be amplified by the algorithms that Facebook uses.
Thesegroups are easy to find on Facebook. All you have to do is type things like CVVor spam. Once you join one of these groups, Facebook’s algorithms come intoplay and suggest other groups that are similar in nature. Plus, Facebookdoesn’t have a great way to catch these criminals, as it relies on reports fromother users to stop this type of behavior.
Becauseof this, Facebook really has a long way to go before it stops relying on thereports of its users. It’s also true that these reports aren’t always takenseriously, and they often fall through the cracks.
Onesuch example of this is with the recent terrorist attack in Christchurch, NewZealand. The gunman who was responsible for the attack streamed his murderousact on Facebook Live. Though Facebook eventually took the video down, it wasseen by thousands of people. However, Facebook said that it had no report ofthe video during the attack, which is why it took so long to remove it.
Knowing all of this, Talos tried to take on some of these crybercrime groups through the reporting system at Facebook. Some of these groups were, indeed, removed from the platform, but others were not. Instead, only specific posts were removed, while the group itself was able to live another day. Talos kept reporting these groups, however, and eventually, most of them were removed. However, new groups are now popping up to take the removed groups’ places. Facebook has acknowledged that there is a problem, and it admits that these groups have violated its policies. It also said that it knows that more vigilance is required and that it is investigating all types of criminal activity on the platform.
Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.