Dozens of cybercriminal groups have found a home on Facebook, using the platform's online marketplace to sell illegal services such as stolen credit card information, as well as account theft and spamming tools, according to Cisco Systems’ Talos security unit.
"Over the past several months, Cisco Talos has tracked several groups on Facebook where shady (at best) and illegal (at worst) activities frequently take place. The majority of these groups use fairly obvious group names, including ‘Spam Professional,’ ‘Spammer & Hacker Professional,’ ‘Buy Cvv On THIS SHOP PAYMENT BY BTC 💰💵, and ‘Facebook hack (Phishing),’” Talos wrote in a blog post. “Despite the fairly obvious names, some of these groups have managed to remain on Facebook for up to eight years, and in the process acquire tens of thousands of group members.”
Through its research, Talos discovered 74 groups that had about 385,000 members. "These Facebook groups are quite easy to locate for anyone possessing a Facebook account. A simple search for groups containing keywords such as 'spam,' 'carding' or 'CVV' will typically return multiple results," according to the post.
And when a person joined one of the groups, Facebook’s algorithms would then suggest similar groups.
Most of the fraudulent sellers asked for payment in cryptocurrency form, while others used a "middleman" to serve as a go-between between the buyer and the seller of the information, who then took a cut of the profits. When this was the case, the buyer was usually asked to use PayPal to complete the transaction.
Facebook confirmed the groups, some of which Talos revealed had been on the social media site for as long as eight years, have been removed.
"These groups violated our policies against spam and financial fraud and we removed them. We know we need to be more vigilant, and we’re investing heavily to fight this type of activity," Facebook said in a statement, according to Bloomberg.