Fake FB accounts monetizing politics
Fraudulent groups operating on social media platform Facebook were discovered to have been using politics to drive people to their websites and generate money out of advertisements.
Facebook on Thursday said it has removed 559 pages and 251 accounts for consistently violating rules against spam and coordinated inauthentic behavior.
Some of these pages and accounts, according to the company, have engaged in posting “clickbait” to drive people to websites that seem legitimate but are actually ad
farms, earning them money for every visitor to the site.
“The people behind the activity also post the same clickbait posts in dozens of Facebook groups, often hundreds of times in a short period, to drum up traffic for their websites. And they often use their fake accounts to generate fake likes and shares,” Facebook’s head of cybersecurity policy Nathaniel Gleicher and product manager Oscar Rodriguez said in a joint post.
“This artificially inflates engagement for their inauthentic pages and the posts they share, misleading people about their popularity and improving their ranking in news feed,” they added.
While topics like natural disasters or celebrity gossip have been popular ways to generate clickbait, the Facebook executives said networks are starting to use sensational political content to build an audience and drive traffic to their websites.
“Like the politically motivated activity we’ve seen, the ‘news’ stories or opinions these accounts and pages share are often indistinguishable from legitimate political debate,” Gleicher and Rodriguez said.
“This is why it’s so important we look at these actors’ behavior – such as whether they’re using fake accounts or repeatedly posting spam – rather than their content when deciding which of these accounts, pages or groups to remove,” they added.
The company did not identify the countries where the fraudulent networks operate.
However, it noted that the activity is timed with the upcoming midterm elections in the United States next month.
“Many were using fake accounts or multiple accounts with the same names and posted massive amounts of content across a network of groups and pages to drive traffic to their websites,” the company, referring to the recently-deleted accounts and pages, said.
“Many used the same techniques to make their content appear more popular on Facebook than it really was. Others were ad farms using Facebook to mislead people into thinking that they were forums for legitimate political debate,” it added.
Earlier this year, Facebook also blocked several Filipino websites from being shared on the site due to spam.
Some of these sites were known to have published false news stories about Philippine politics.
30 M users affected by data breach
Facebook has also begun sending notifications to some 30 million users whose personal information were compromised by a data breach discovered last month.
Facebook vice president for product management Guy Rosen said a closer investigation of the incident showed that 30 million – and not 50 million as earlier announced – were affected by the breach.
“For 15 million people, attackers accessed two sets of information – name and contact details (phone number, email, or both, depending on what people had on their profiles),” he said on Friday.
“For 14 million people, the attackers accessed the same two sets of information, as well as other details people had on their profiles. This included username, gender, locale/language, relationship status, religion, hometown, self-reported current city, birthdate, device types used to access Facebook, education, work, the last 10 places they checked into or were tagged in, website, people or pages they follow and the 15 most recent searches,” he added. Attackers did not access any information for the remaining one million people, Rosen said.
He said they have started sending customized messages to the 30 million people affected to explain what information the attackers might have accessed, as well as steps they can take to help protect themselves, including from suspicious emails, text messages or calls.
The breach involved a vulnerability in a code that enabled attackers to steal Facebook access tokens, which are the equivalent of digital keys that keep people logged in to a platform.
Using the tokens, attackers were able to take over people’s accounts and access personal information.
“They used an automated technique to move from account to account so they could steal the access tokens of those friends, and for friends of those friends, and so on,” Rosen said.
The Facebook executive said they immediately addressed the vulnerability two days after they discovered the attack on Sept. 25.
Users believed to be affected were logged out of their accounts as Facebook updated their access tokens.
Rosen said they are currently working with the United States Federal Bureau of Investigation in probing the matter.
The National Privacy Commission (NPC) earlier said that the company’s representatives in the Philippines have notified them of the breach.
“According to the company’s representatives, the investigation is still in its early stages. They have not determined yet how many Filipinos are affected and whether misuse of personal information had resulted from this breach,” privacy commissioner Raymund Liboro said.
“The NPC has prescribed breach management procedures in place and we expect Facebook to abide by these rules,” he added.