Facebook Is Hosting Multiple Cybercrime Marketplaces

Uploaded on 2019-04-10 in TECHNOLOGY-Key Areas-Social Media, GOVERNMENT-Law Enforcement, FREE TO VIEW

Facebook has been host to "dozens" of busy marketplaces and exchanges used by cyber-thieves to buy and sell stolen goods, suggests a security firm. Researchers at Cisco found 74 groups on Facebook that openly traded stolen credit card numbers and bank account details. 

The groups had a regular membership of about 385,000 people, they found. Facebook said it had shut down the groups for breaking the social network's policies on financial fraud.

Jon Munshaw and Jaeson Schultz from Cisco's Talos security division detailed their findings in a blog and said they were surprised that the thieves were operating "right out in the open". Often, said the pair, pursuing cyber-criminals involved tracing them to hidden servers on dark web addresses, rather than just searching on social media sites. Instead, they said, the gangs operating on Facebook took few steps to conceal what they were doing. The groups exhibited a wide variety of behaviours that spanned the spectrum from "shady" to, "illegal".

Some openly advertised hacking, phishing and spamming services, while others sought buyers for stolen personal finance information that included both credit card numbers and personal documents, including driving licences and ID cards.

Facebook's own algorithms also proved useful because they "helpfully" suggested other similar-themed groups once the two researchers started looking for card thieves, spammers and other cyber-criminals.Across the groups, payment was accepted in crypto-currencies or via payment services such as PayPal, said the Talos team. Some groups used middlemen or "mules" to pipe cash to buyers. 

The Talos researchers said they initially tried to get the groups shut down by using Facebook's own on-site tools but this proved ineffective.

To make a bigger impact, the team built up links with Facebook's internal security team and passed on detailed information about the criminal marketplaces. This led to the "majority" of the groups being removed, they said, but some were still active and Talos was still working to shut these down. 

Facebook said it removed groups that "violated" policies against spam and financial fraud. It added: "We know we need to be more vigilant and we're investing heavily to fight this type of activity." 

BBC:  

You Might Also Read:

Cybercrime Misconceptions Put Consumers At Risk:

 

« A Snapshot Of Cybercrime In The UK
Critical Infrastructure Is Under Worldwide Attack »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Anomali

Anomali

Anomali delivers intelligence-driven cybersecurity solutions to enhance threat visibility, automate threat processing and detection, and accelerate threat investigation, response, and remediation.

Cybertekpro

Cybertekpro

Cybertekpro is a specialist insurance broker providing Cyber Liability insurance and cyber risk assessment services.

Iceberg

Iceberg

Iceberg has been established to provide companies with cyber security experts who will protect businesses from the unseen threat of cyber crime.

SynerComm

SynerComm

SynerComm is an IT solution provider specializing in network and security infrastructure, enterprise mobility, remote access, wireless solutions, audit, pentesting and information assurance.

Securitybulls

Securitybulls

Securitybulls is an information security firm offering an encyclopedic penetration testing & IT security assessment service for your organization.

IoTsploit

IoTsploit

IoTsploit provides 20/20 visibility of network connections, protecting critical infrastructure assets from IoT vulnerabilities.

Splone

Splone

Splone is a Berlin-based IT security research team and consultancy. We help improve IT-security by offering red team assements, penetration tests, audits and customized consulting.

Elemental Cyber Security

Elemental Cyber Security

Elemental is a game changing cyber security compliance automation and enforcement technology provider.

DataExpert Singapore

DataExpert Singapore

DataExpert Singapore provide solutions and services in the areas of Digital Forensics, Data Recovery, Data Duplication, Data Degaussing & Wiping, Data Destruction, and IT Disposal.

Surefire Cyber

Surefire Cyber

Surefire Cyber delivers swift, strong response to cyber incidents such as ransomware, email compromise, malware, data theft, and other threats with end-to-end response capabilities.

Tenet3

Tenet3

Tenet3's vision is to make optimal cyber strategy development tractable, data driven, with concrete success metrics. The result is cost effective cyber resilience for our customers.

National Coordinator for Security and Counterterrorism (NCTV) - Netherlands

National Coordinator for Security and Counterterrorism (NCTV) - Netherlands

The NCTV serves the Netherlands’ national security. We protect national interests, identify threats and strengthen resilience.

ShieldIO

ShieldIO

ShieldIO Real-Time Homomorphic Encryption™ enables your organization to reach regulatory compliance without compromising data availability.

Acumenis

Acumenis

At Acumenis, we help organisations of all sizes to manage information security effectively. Our key services are penetration testing, ISO 27001 implementations, and security

itm8

itm8

itm8 is a Nordic digital transformation partner offering a wide range of services in IT operations and Cloud Services, Digital Transformation, Application Services, ERP, and Cyber Security.

Twine Security

Twine Security

Twine is pioneering the creation of AI digital cybersecurity employees to help improve efficiency for cybersecurity teams.