Hackers Are Selling Your Social Media Data

Uploaded on 2020-05-05 in TECHNOLOGY-Key Areas-Social Media, TECHNOLOGY--Hackers, FREE TO VIEW

Social media companies are failing to clamp down on scammers selling people's personal details through their platforms, an investigation from consumer watchdog Which? has shown. It found 50 profiles, pages and groups on Facebook, Twitter and Instagram offering stolen credit-card details, and Netflix and Uber Eats accounts. Much of the content had remained on the platforms after being reported.
 
Facebook is a magnet for cyber criminals who see its nearly 1.6 billion monthly active users as 1.6 billion tempting targets and Facebook scams are the most common online attack method, according to the 2016 edition of technology firm Cisco’s Annual Security Report, with 33,681,000 examples identified by the company’s researchers, just ahead of JavaScript attacks in its malware chart.
 
Another point raised by the Report says, ‘In the post–Edward Snowden era, the geopolitical landscape for Internet governance has changed dramatically.... There is now pervasive uncertainty surrounding the free flow of information across borders. The landmark case brought by the Austrian privacy activist Max Schrems against the social networking giant Facebook had perhaps the biggest impact, leading the Court of Justice of the European Union (CJEU) to overturn the US Safe Harbor Agreement on October 6, 2015.’ 
 
Which? carried out an investigation before the coronavirus lockdown and found one Facebook post revealing a Yorkshire man's: full name, date of birth, address, mobile phone number, credit-card number, security code and expiry data and his bank name and sort code. According to Which? the post had been live for four months.
 
Only after Which? had requested a review of that decision had the post been removed - and, even then, the group in which it had been posted had remained active. In response, Facebook, which also owns Instagram, told the BBC that it had now acted to take down all the content.
 
 
Scam Tactics
On Twitter, investigators found fraudsters offering: 
  • the full credit-card details of someone with a "£13,000 plus balance" for £100 - or three sets of card details for £200
  • a fake passport for £3,000
  • Which? said it had found the content simply by searching for slang terms for fraud.
Twitter's algorithms had then even suggested similar accounts via its "Who to follow" section. Twitter said it was against its rules "to use scam tactics to obtain money or private financial information....here we identify violations of our rules, we take robust enforcement action," it said.
 
A Which? spokes is reported  to have said  "It's astonishing that social media sites make it so easy for criminals to trade people's personal and financial information, particularly as fraud is such a prevalent crime that can have devastating consequences." and Which? has called on Facebook and Twitter "to take stronger action to prevent their sites becoming a safe haven for scammers" and "work with the financial industry and police to address serious flaws with their platforms".
 
As Facebook and Twitter evolve so do the cyber criminals and this process will not stop and so your cyber security is very important for saving your information and money.
 
Which?:     Cisco:           Microsoft:           BBC:      Guardian
 
You Might Also Read: 
 
Millions of Facebook Profiles For Sale:
 
 
 
 
 
 
 
 
« The Impact Of Artificial Intelligence On Cyber Security
Microsoft Eliminates Cyber Attack Flaws »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Prolinx

Prolinx

Prolinx provide secure Data Centre hosting services and other fully managed security services for networks and information systems.

Opengear

Opengear

Opengear ensures network resilience to enterprises by enabling business continuity with the Network Resilience Platform.

Sucuri

Sucuri

Sucuri have offered holistic website security solutions since 2008 including malware removal, malware monitoring and website protection services.

PSW Group

PSW Group

PSW Group is a full-service Internet solutions provider with a special focus on Internet security.

Tenzir

Tenzir

Tenzir's primary focus lies on network forensics: the systematic investigation of cyber attacks with big data analytics.

ANSI National Accreditation Board (ANAB)

ANSI National Accreditation Board (ANAB)

ANAB is the largest accreditation body in North America. The directory of members provides details of organisations offering certification services for cybersecurity related standards.

NanoLock Security

NanoLock Security

NanoLock delivers the industry’s only end-to-end platform for the IoT and connected devices ecosystem.

Anthony Timbers LLC

Anthony Timbers LLC

Anthony Timbers is a cybersecurity consulting and penetration testing firm providing services to the Federal and Commercial sectors nationwide.

Samurai Digital Consulting

Samurai Digital Consulting

Samurai Digital Security are a cyber and Information security services provider, specialising in penetration testing, incident response, user awareness and information governance solutions.

Valimail

Valimail

Valimail delivers the only complete, cloud-native platform for validating and authenticating sender identity to stop phishing, protect and amplify brands, and ensure compliance.

Dutch Research Council (NWO)

Dutch Research Council (NWO)

The Dutch Research Council (NWO) is one of the most important science-funding bodies in the Netherlands and ensures quality and innovation in science.

ShellBoxes

ShellBoxes

ShellBoxes are a leading Web3 company focused on providing top-notch blockchain security and development services.

Dexian

Dexian

Dexian is a leading provider of staffing, IT, and workforce solutions with nearly 12,000 employees and 70 locations worldwide.

Cyber Qubits

Cyber Qubits

Cyber Qubits is a cybersecurity training and consulting company focused on developing the next generation of cybersecurity professionals.

Incode

Incode

Incode is the leading provider of world-class identity solutions that is reinventing the way humans authenticate and verify their identities online.

Assurestor

Assurestor

Assurestor's singular focus is delivering leading cloud-based backup and disaster recovery designed to increase levels of IT resilience.