[ad_1]
You may be surprised at what you can buy on Facebook if you know where to look. Researchers from Cisco's Talos security research team have discovered a wave of Facebook groups dedicated to making money from a variety of illicit and even inconsistent online behaviors, including phishing attempts, negotiation of pirated identity data and spam. The 74 groups of researchers detected have a cumulative total of 385,000 members.
Remarkably, the groups did not even really try to hide their activities. For example, Talos found that publications openly sell credit card numbers with three-digit CVV codes, some with pictures of the card owner. According to the research group:
The majority of these groups use fairly obvious group names, including "Spam Professional", "Spammer & Hacker Professional", "Buy Cvv in this shop, BTC payment" and "Facebook hacking (phishing)." Some of these groups have managed to stay on Facebook for eight years and have acquired tens of thousands of members.
Beyond the sale of stolen IDs, Talos has documented users selling fictitious accounts for governments and organizations, valuing their expertise in transferring large sums of money and offering to create fake passports and other documents identity.
The new search is not the first time that Facebook users are victims of cybercrime. In 2018, Brian Krebs reported 120 groups of more than 300,000 members engaged in similar activities, including phishing programs, spam, botnets, and on-demand DDoS attacks.
As Talos researchers explain in their blog post: "A few months later, although specific groups identified by Krebs were permanently disabled, Talos discovered a new set of groups, some with names remarkably similar, even identical, to the groups described by Krebs. . "
"Some groups were deleted immediately, but only other groups were removed," said Talos researcher Jaeson Schultz. "Finally, thanks to contact with Facebook's security team, the majority of malicious groups were quickly removed, but new groups continue to appear, and some are still active as of the date of publication."
Anti-cybercrime groups are another example of the law enforcement game that Facebook continues to play on its gigantic platform. Across the social network – and without the company devoting sufficient resources to more comprehensive detection methods – it's difficult for Facebook to track the types of illicit or potentially harmful behaviors that flourish in unsupervised recesses of his vast platform.
"These groups have violated our policies against spam and financial fraud and we have removed them," said a Facebook spokesman at TechCrunch. "We know we need to be more vigilant and we are investing heavily to combat this kind of activity."
[ad_2]
Source link