Hackers Are Selling Your Social Media Data

Uploaded on 2020-05-05 in TECHNOLOGY-Key Areas-Social Media, TECHNOLOGY--Hackers, FREE TO VIEW

Social media companies are failing to clamp down on scammers selling people's personal details through their platforms, an investigation from consumer watchdog Which? has shown. It found 50 profiles, pages and groups on Facebook, Twitter and Instagram offering stolen credit-card details, and Netflix and Uber Eats accounts. Much of the content had remained on the platforms after being reported.
 
Facebook is a magnet for cyber criminals who see its nearly 1.6 billion monthly active users as 1.6 billion tempting targets and Facebook scams are the most common online attack method, according to the 2016 edition of technology firm Cisco’s Annual Security Report, with 33,681,000 examples identified by the company’s researchers, just ahead of JavaScript attacks in its malware chart.
 
Another point raised by the Report says, ‘In the post–Edward Snowden era, the geopolitical landscape for Internet governance has changed dramatically.... There is now pervasive uncertainty surrounding the free flow of information across borders. The landmark case brought by the Austrian privacy activist Max Schrems against the social networking giant Facebook had perhaps the biggest impact, leading the Court of Justice of the European Union (CJEU) to overturn the US Safe Harbor Agreement on October 6, 2015.’ 
 
Which? carried out an investigation before the coronavirus lockdown and found one Facebook post revealing a Yorkshire man's: full name, date of birth, address, mobile phone number, credit-card number, security code and expiry data and his bank name and sort code. According to Which? the post had been live for four months.
 
Only after Which? had requested a review of that decision had the post been removed - and, even then, the group in which it had been posted had remained active. In response, Facebook, which also owns Instagram, told the BBC that it had now acted to take down all the content.
 
 
Scam Tactics
On Twitter, investigators found fraudsters offering: 
  • the full credit-card details of someone with a "£13,000 plus balance" for £100 - or three sets of card details for £200
  • a fake passport for £3,000
  • Which? said it had found the content simply by searching for slang terms for fraud.
Twitter's algorithms had then even suggested similar accounts via its "Who to follow" section. Twitter said it was against its rules "to use scam tactics to obtain money or private financial information....here we identify violations of our rules, we take robust enforcement action," it said.
 
A Which? spokes is reported  to have said  "It's astonishing that social media sites make it so easy for criminals to trade people's personal and financial information, particularly as fraud is such a prevalent crime that can have devastating consequences." and Which? has called on Facebook and Twitter "to take stronger action to prevent their sites becoming a safe haven for scammers" and "work with the financial industry and police to address serious flaws with their platforms".
 
As Facebook and Twitter evolve so do the cyber criminals and this process will not stop and so your cyber security is very important for saving your information and money.
 
Which?:     Cisco:           Microsoft:           BBC:      Guardian
 
You Might Also Read: 
 
Millions of Facebook Profiles For Sale:
 
 
 
 
 
 
 
 
« The Impact Of Artificial Intelligence On Cyber Security
Microsoft Eliminates Cyber Attack Flaws »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Get Cyber Safe

Get Cyber Safe

Get Cyber Safe is a national public awareness campaign created to educate Canadians about Internet security and the simple steps they can take to protect themselves online.

Baker McKenzie

Baker McKenzie

Baker & McKenzie is an international law firm. Practice areas include Data & Technology.

SolarWinds

SolarWinds

SolarWinds as a worldwide leader in solutions for network and IT service management, application performance, and managed services.

TestingXperts

TestingXperts

TestingXperts is a specialist software QA and testing company.

DataVantage

DataVantage

DataVantage data masking and data management software helps you prevent data breaches, pass compliance audits and meet regulatory requirements such as HIPAA and PCI DSS.

SiteGuarding

SiteGuarding

SiteGuarding provide website security tools and services to protect your website against malware and hacker exploits.

MIT Internet Policy Research Initiative (IPRI)

MIT Internet Policy Research Initiative (IPRI)

IPRI's mission is to work with policy makers and technologists to increase the trustworthiness and effectiveness of interconnected digital systems

Cyberia Group

Cyberia Group

Cyberia is a leading Internet and Security services provider with operations in Saudi Arabia, Lebanon and Jordan.

CipherMail

CipherMail

CipherMail provides email security products which allow organizations world wide to automatically protect their email against unauthorized access both in transit and at rest.

Oznet Cyber Security

Oznet Cyber Security

Oznet Cyber Security is dedicated to offering integral solutions oriented to the support and security of information.

Wipe-Global

Wipe-Global

Wipe-Global is specialized in data erasure with an international established service partner network.

Jobsite

Jobsite

Jobsite is an award winning job board in the UK providing job listings in the key sectors of IT, Engineering and Finance.

NuID

NuID

NuID is a pioneer in trustless authentication and decentralized digital identity.

Vircom

Vircom

With a large majority of cyber attacks starting with email, Vircom provides protection against the worst email security threats to your business.

Zorus

Zorus

Zorus provides best-in-class cybersecurity products to MSP partners to help them grow their business and protect their clients.

Technivorus Technology

Technivorus Technology

Technivorus is a deep-tech firm delivering customized Cybersecurity, Digital Marketing, Web & App Development, and multifarious IT services for businesses across the globe.