Fake FB accounts mon­e­tiz­ing pol­i­tics

The Philippine Star - - FRONT PAGE - – Janvic Ma­teo

Fraud­u­lent groups op­er­at­ing on so­cial me­dia plat­form Face­book were dis­cov­ered to have been us­ing pol­i­tics to drive peo­ple to their web­sites and generate money out of ad­ver­tise­ments.

Face­book on Thurs­day said it has re­moved 559 pages and 251 accounts for con­sis­tently vi­o­lat­ing rules against spam and co­or­di­nated in­au­then­tic be­hav­ior.

Some of these pages and accounts, ac­cord­ing to the com­pany, have en­gaged in post­ing “click­bait” to drive peo­ple to web­sites that seem le­git­i­mate but are ac­tu­ally ad

farms, earn­ing them money for ev­ery vis­i­tor to the site.

“The peo­ple be­hind the ac­tiv­ity also post the same click­bait posts in dozens of Face­book groups, of­ten hun­dreds of times in a short pe­riod, to drum up traf­fic for their web­sites. And they of­ten use their fake accounts to generate fake likes and shares,” Face­book’s head of cy­ber­se­cu­rity pol­icy Nathaniel Gle­icher and prod­uct man­ager Os­car Ro­driguez said in a joint post.

“This ar­ti­fi­cially in­flates en­gage­ment for their in­au­then­tic pages and the posts they share, mis­lead­ing peo­ple about their pop­u­lar­ity and im­prov­ing their rank­ing in news feed,” they added.

While top­ics like nat­u­ral disasters or celebrity gos­sip have been pop­u­lar ways to generate click­bait, the Face­book ex­ec­u­tives said net­works are start­ing to use sen­sa­tional po­lit­i­cal con­tent to build an au­di­ence and drive traf­fic to their web­sites.

“Like the po­lit­i­cally mo­ti­vated ac­tiv­ity we’ve seen, the ‘news’ sto­ries or opin­ions these accounts and pages share are of­ten in­dis­tin­guish­able from le­git­i­mate po­lit­i­cal de­bate,” Gle­icher and Ro­driguez said.

“This is why it’s so im­por­tant we look at these ac­tors’ be­hav­ior – such as whether they’re us­ing fake accounts or re­peat­edly post­ing spam – rather than their con­tent when de­cid­ing which of these accounts, pages or groups to re­move,” they added.

The com­pany did not iden­tify the coun­tries where the fraud­u­lent net­works op­er­ate.

How­ever, it noted that the ac­tiv­ity is timed with the up­com­ing midterm elec­tions in the United States next month.

“Many were us­ing fake accounts or mul­ti­ple accounts with the same names and posted mas­sive amounts of con­tent across a net­work of groups and pages to drive traf­fic to their web­sites,” the com­pany, re­fer­ring to the re­cently-deleted accounts and pages, said.

“Many used the same tech­niques to make their con­tent ap­pear more pop­u­lar on Face­book than it re­ally was. Oth­ers were ad farms us­ing Face­book to mislead peo­ple into think­ing that they were fo­rums for le­git­i­mate po­lit­i­cal de­bate,” it added.

Ear­lier this year, Face­book also blocked sev­eral Filipino web­sites from be­ing shared on the site due to spam.

Some of these sites were known to have pub­lished false news sto­ries about Philip­pine pol­i­tics.

30 M users af­fected by data breach

Face­book has also be­gun send­ing no­ti­fi­ca­tions to some 30 mil­lion users whose per­sonal in­for­ma­tion were com­pro­mised by a data breach dis­cov­ered last month.

Face­book vice pres­i­dent for prod­uct man­age­ment Guy Rosen said a closer in­ves­ti­ga­tion of the in­ci­dent showed that 30 mil­lion – and not 50 mil­lion as ear­lier an­nounced – were af­fected by the breach.

“For 15 mil­lion peo­ple, at­tack­ers ac­cessed two sets of in­for­ma­tion – name and contact de­tails (phone num­ber, email, or both, de­pend­ing on what peo­ple had on their pro­files),” he said on Fri­day.

“For 14 mil­lion peo­ple, the at­tack­ers ac­cessed the same two sets of in­for­ma­tion, as well as other de­tails peo­ple had on their pro­files. This in­cluded user­name, gen­der, lo­cale/lan­guage, re­la­tion­ship sta­tus, re­li­gion, home­town, self-re­ported cur­rent city, birth­date, de­vice types used to ac­cess Face­book, ed­u­ca­tion, work, the last 10 places they checked into or were tagged in, web­site, peo­ple or pages they fol­low and the 15 most re­cent searches,” he added. At­tack­ers did not ac­cess any in­for­ma­tion for the re­main­ing one mil­lion peo­ple, Rosen said.

He said they have started send­ing cus­tom­ized mes­sages to the 30 mil­lion peo­ple af­fected to ex­plain what in­for­ma­tion the at­tack­ers might have ac­cessed, as well as steps they can take to help pro­tect them­selves, in­clud­ing from sus­pi­cious emails, text mes­sages or calls.

The breach in­volved a vul­ner­a­bil­ity in a code that en­abled at­tack­ers to steal Face­book ac­cess to­kens, which are the equiv­a­lent of dig­i­tal keys that keep peo­ple logged in to a plat­form.

Us­ing the to­kens, at­tack­ers were able to take over peo­ple’s accounts and ac­cess per­sonal in­for­ma­tion.

“They used an au­to­mated tech­nique to move from ac­count to ac­count so they could steal the ac­cess to­kens of those friends, and for friends of those friends, and so on,” Rosen said.

The Face­book ex­ec­u­tive said they im­me­di­ately ad­dressed the vul­ner­a­bil­ity two days af­ter they dis­cov­ered the at­tack on Sept. 25.

Users be­lieved to be af­fected were logged out of their accounts as Face­book up­dated their ac­cess to­kens.

Rosen said they are cur­rently work­ing with the United States Fed­eral Bureau of In­ves­ti­ga­tion in prob­ing the mat­ter.

The Na­tional Pri­vacy Com­mis­sion (NPC) ear­lier said that the com­pany’s rep­re­sen­ta­tives in the Philip­pines have no­ti­fied them of the breach.

“Ac­cord­ing to the com­pany’s rep­re­sen­ta­tives, the in­ves­ti­ga­tion is still in its early stages. They have not de­ter­mined yet how many Filipinos are af­fected and whether mis­use of per­sonal in­for­ma­tion had re­sulted from this breach,” pri­vacy com­mis­sioner Ray­mund Li­boro said.

“The NPC has pre­scribed breach man­age­ment pro­ce­dures in place and we ex­pect Face­book to abide by these rules,” he added.

Newspapers in English

Newspapers from Philippines

© PressReader. All rights reserved.