Cybercrime groups seem to be having a field day on Facebook, and there seem to be no stopping them. According to Cisco’s Talos security research team, there are a number of Facebooks groups that are dedicated to making money from various illicit and dubious schemes which include phishing schemes, trading hacked credentials and spamming, as reported by TechCrunch. The report found 74 such groups with a cumulative strength of 385,000.
The best part of the revelation is that the groups are not even looking to conceal their identities and in a way are flaunting it. The research group further goes on to add:
“The majority of these groups use fairly obvious group names, such as ‘Spam Professional’, ‘Spammer & Hacker Professional’, ‘Buy CVV on this shop’ and ‘Facebook hack (Phishing)’. Despite their fairly obvious names, some of these groups have managed to remain on Facebook for up to eight years, and in the process have acquired tens of thousands of group members.”
Apart from selling stolen credentials, the groups documented by Talos sell shell accounts for governments and organizations, promoting their expertise in moving large sums of money and also offering services to create fake passports and other documents.
This is not the first time that Facebook groups have been busted for being involved in illicit dealings and other forms of cybercrime. According to Brian Krebs report in 2018, 120 groups along with a cumulative number of 200,000 members were involved in similar activities.
The Talos researchers explain in their blog:
“Months later, though the specific groups identified by Krebs had been permanently disabled, Talos discovered a new set of groups, some having names remarkably similar, if not identical, to the groups reported on by Krebs.”
“While some groups were removed immediately, other groups only had specific posts removed,” Talos researcher Jaeson Schultz added.
This again brings to light Facebook’s inability to deal with such entities that use the platform’s reach and scale to carry on their illicit and harmful behaviour and these entities flourish in the unmonitored corners of its sprawling platform.