Hackers sold personal, financial data on Facebook groups: Here's how
Facebook has been promising enhanced security, but its privacy-related debacles are not coming to an end. Just last week, we reported the exposure of 54 crore users' data, and now, in another shocking revelation, a security company has revealed that the platform itself was used for illegal activity. Specifically, a number of people have used Facebook groups to sell hacked personal information. Here's more.
74 Facebook groups used for illegal activity
After investigating user behavior on Facebook, security company Cisco Talos claimed that the platform hosted as many as 74 groups supporting illicit activity. They had nearly 385,000 members who engaged in the selling of personal and financial information, money laundering, and many other data bits that could easily be used to carry out serious cybercrimes.
What kind of information was sold through these groups
As ZDNet reports, some groups sold stolen credit card numbers, identities, emails, and login credentials for corporate and government accounts. This, as one could imagine, could have easily been leveraged by any of the nearly 400,000 members to conduct malware/phishing-based attacks or financial/identity fraud. To note, some groups in question had existed on the platform since 2011 and had thousands of active members.
Also, Facebook's discovery made finding these groups easier
The researchers claimed that finding these groups was easy as one could have just searched for keywords like "spam," "carding," or "CVV" to find them. In addition to this, the way Facebook's algorithms work further simplifies the process of finding the communities engaged in illicit activity. Basically, when a person would join one scam group, Facebook would automatically recommend others of the same kind.
Either way, the groups have been removed now
Following Cisco Talos' reports, Facebook swung into action and took down most of the suspicious groups in question. "These Groups violated our policies against spam and financial fraud and we removed them," a spokesperson from the company told ZDNet. "We know we need to be more vigilant and we're investing heavily to fight this type of activity."
Clearly, Facebook has a lot to do here
The discovery and subsequent removal of these groups clearly show that Facebook has a lot to do to curb illegal activity on its platform. User data being traded isn't a small thing, and you don't expect a leading tech company, especially one serving over 2 billion users, to support something like this (even unknowingly). Previously, such activity were spotted only on the dark web.
