Facebook has fallen short of stopping cybercriminals from using the social network to openly buy and sell illegal goods and services, security researchers warned Friday.
Researchers at Cisco Talos reported finding dozens of different groups on Facebook recently serving as effective online marketplaces and exchanges for cybercriminals, making the social network a surprisingly popular alternative to illegal services hosted on significantly less public parts of the internet.
“In all, Talos has compiled a list of 74 groups on Facebook whose members promised to carry out an array of questionable cyber dirty deeds, including the selling and trading of stolen bank/credit card information, the theft and sale of account credentials from a variety of sites and email spamming tools and services,” the researchers said in a blog post.
The groups were followed by a total of roughly 385,000 members before Facebook began recently purging some of them upon being alerted by Talos, the researchers wrote.
“These groups violated our policies against spam and financial fraud and we removed them,” a spokesperson for Facebook said in a statement. “We know we need to be more vigilant and we’re investing heavily to fight this type of activity.”
Talos reported that some of the Facebook groups had evaded deletion for upwards of eight years despite having obvious names such as “Spam Professional” and “Facebook hack (Phishing),” and another that blatantly announced “Buy Cvv On THIS SHOP,” referring to the security codes typically found on the back of credit cards.
“Facebook has apparently relied on these communities to police themselves, which for obvious reasons, these criminal communities are reticent to do. As a consequence of this, a substantial number of cyber-scammers have continued to proliferate and profit from illegal activities,” concluded the Talos report.
“Operating with impunity, these attackers relentlessly probe cyber-defenses of enterprises everywhere. This is a high-stakes endeavor because an attacker with even the smallest foothold inside an organization can do considerable damage. “
Talos published its findings following a handful of less than flattering reports this week involving Facebook, including a third-party data leak that exposed roughly 540 million user records and revelations about the company’s contract with the Daily Telegraph, a British newspaper being paid by the company to publish positive articles about its product.
Facebook is slated to send an executive next week to Capitol Hill, meanwhile, where members of the House Judiciary Committee are slated to hold a hearing Tuesday to examine hate crimes and white nationalism and their connection to social media and the internet.
• Andrew Blake can be reached at ablake@washingtontimes.com.
Please read our comment policy before commenting.