Hackers Are Selling Your Social Media Data

Uploaded on 2020-05-05 in TECHNOLOGY-Key Areas-Social Media, TECHNOLOGY--Hackers, FREE TO VIEW

Social media companies are failing to clamp down on scammers selling people's personal details through their platforms, an investigation from consumer watchdog Which? has shown. It found 50 profiles, pages and groups on Facebook, Twitter and Instagram offering stolen credit-card details, and Netflix and Uber Eats accounts. Much of the content had remained on the platforms after being reported.
 
Facebook is a magnet for cyber criminals who see its nearly 1.6 billion monthly active users as 1.6 billion tempting targets and Facebook scams are the most common online attack method, according to the 2016 edition of technology firm Cisco’s Annual Security Report, with 33,681,000 examples identified by the company’s researchers, just ahead of JavaScript attacks in its malware chart.
 
Another point raised by the Report says, ‘In the post–Edward Snowden era, the geopolitical landscape for Internet governance has changed dramatically.... There is now pervasive uncertainty surrounding the free flow of information across borders. The landmark case brought by the Austrian privacy activist Max Schrems against the social networking giant Facebook had perhaps the biggest impact, leading the Court of Justice of the European Union (CJEU) to overturn the US Safe Harbor Agreement on October 6, 2015.’ 
 
Which? carried out an investigation before the coronavirus lockdown and found one Facebook post revealing a Yorkshire man's: full name, date of birth, address, mobile phone number, credit-card number, security code and expiry data and his bank name and sort code. According to Which? the post had been live for four months.
 
Only after Which? had requested a review of that decision had the post been removed - and, even then, the group in which it had been posted had remained active. In response, Facebook, which also owns Instagram, told the BBC that it had now acted to take down all the content.
 
 
Scam Tactics
On Twitter, investigators found fraudsters offering: 
  • the full credit-card details of someone with a "£13,000 plus balance" for £100 - or three sets of card details for £200
  • a fake passport for £3,000
  • Which? said it had found the content simply by searching for slang terms for fraud.
Twitter's algorithms had then even suggested similar accounts via its "Who to follow" section. Twitter said it was against its rules "to use scam tactics to obtain money or private financial information....here we identify violations of our rules, we take robust enforcement action," it said.
 
A Which? spokes is reported  to have said  "It's astonishing that social media sites make it so easy for criminals to trade people's personal and financial information, particularly as fraud is such a prevalent crime that can have devastating consequences." and Which? has called on Facebook and Twitter "to take stronger action to prevent their sites becoming a safe haven for scammers" and "work with the financial industry and police to address serious flaws with their platforms".
 
As Facebook and Twitter evolve so do the cyber criminals and this process will not stop and so your cyber security is very important for saving your information and money.
 
Which?:     Cisco:           Microsoft:           BBC:      Guardian
 
You Might Also Read: 
 
Millions of Facebook Profiles For Sale:
 
 
 
 
 
 
 
 
« The Impact Of Artificial Intelligence On Cyber Security
Microsoft Eliminates Cyber Attack Flaws »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Oxygen Forensics

Oxygen Forensics

Oxygen Forensics offer the most advanced forensic data examination tools for mobile devices and cloud services.

HPE Aruba Networking

HPE Aruba Networking

HPE Aruba Networking, a Hewlett Packard Enterprise company, is a leading provider of next-generation network access solutions for the mobile enterprise.

Towergate Insurance

Towergate Insurance

Towergate Insurance is a leading UK specialist insurance broker. Business products include Cyber Liability Insurance.

Cobalt Strike

Cobalt Strike

Cobalt Strike is penetration testing software designed to execute targeted attacks.

Assystem

Assystem

Assystem delivers a comprehensive security approach for the industrial and service sectors that integrates physical security systems, industrial cyber-security, functional safety and dependability.

Ioetec

Ioetec

Ioetec's mission is to connect users to their IoT devices securely, ensuring these devices remain safe to use in our increasingly connected world.

Nucleon

Nucleon

Nucleon enables cybersecurity tools, organizations and software developers to become proactive by blocking threats before they become breaches.

Capy

Capy

Capy's SaaS-based security solutions will protect your website from bots, spam, humans and more.

Civic Technologies

Civic Technologies

Civic’s Secure Identity Platform (SIP) uses a verified identity for multi-factor authentication on web and mobile apps without the need for usernames or passwords.

3wSecurity

3wSecurity

3wSecurity provides visibility to your company’s internet facing systems throughout the security life cycle, allowing for a more thorough approach to vulnerability management.

Point Predictive

Point Predictive

Point Predictive build Predictive Models using Artificial Intelligence and Machine Learning techniques that help our customers stop fraud and early payment default (EPD).

Cybaverse

Cybaverse

Cybaverse (formerly North Star Cyber Security) was founded to create the perfect blend of a Managed Security Service Provider (MSSP) and a Cyber Security Consultancy in one.

Imprivata

Imprivata

Imprivata is the digital identity company for life- and mission-critical industries, redefining how organizations solve complex workflow, security, and compliance challenges.

Mindcore Technologies

Mindcore Technologies

Mindcore provide cyber security services, managed IT services and IT consulting services to businesses in NJ, FL, and throughout the United States.

Runecast Solutions

Runecast Solutions

Runecast Solutions is a global leader in AI-powered risk mitigation, security, continuous compliance and more efficient IT operations management.

Scribe Security

Scribe Security

Scribe security provides end-to-end software supply chain security solutions.