Talos, a team of cybersecurity researchers from Cisco, has published this Friday a report on dozens of scam groups it has been tracking over the last few months on Facebook, engaged in activities such as phishing, selling fake or stolen credentials and spam.
The Talos researchers found 74 groups with a total of 385,000 members together. The names of these groups were as blatant as “Spam Professional”, “Facebook hack (Phishing)”, “Spammer & Hacker Professional” or “Buy Cvv [credit card security code] On THIS SHOP PAYMENT BY BTC 💰💵”.
“Facebook is home to dozens of groups that serve as online markets and cybercriminal exchanges,” Cisco researchers point out, adding:
Despite fairly obvious names, some of these groups have managed to stay on Facebook for up to eight years, and in the process have acquired tens of thousands of members.
In addition to stolen credentials, Talos found users who also sold fictitious government and organizational accounts. Some of the members of these groups even published stolen credit card numbers along with victims’ driver’s licenses, while others published requests for help in transferring large sums of money or accessing computer networks.
Although the platform has already closed the groups, the report calls on Facebook to be more proactive in detecting content and users who violate its own rules, complaining that it appears to depend on users to report such “illegal and illicit activities to curb any abuse.
In 2018, the report recalls, Brian Krebs reported 120 groups with more than 300,000 members together that were engaged in similar activities, such as phishing schemes, spam, botnets and on-demand DDoS attacks. “Months later, although the specific groups identified by Krebs had been permanently disabled, Talos discovered a new set of groups, some with names very similar, if not identical, to the groups reported by Krebs.
“While some groups were immediately removed, in other groups specific publications were only removed,” notes Jaeson Schultz, one of the Talos researchers. “Finally, through contact with the Facebook security team, most of the malicious groups were quickly removed, but new groups are still appearing and some are still active at the time of publication.
The Cisco team has once again highlighted Facebook’s inefficiency in detecting content that violates its own publishing policies. Cybercrime is just one of the problems that the social network must solve. The social network has also been in the spotlight since last year for its inability to detect hate speech, linked even to the deaths of people in countries like Myanmar.