Hackers Are Selling Your Social Media Data

Social media companies are failing to clamp down on scammers selling people's personal details through their platforms, an investigation from consumer watchdog Which? has shown. It found 50 profiles, pages and groups on Facebook, Twitter and Instagram offering stolen credit-card details, and Netflix and Uber Eats accounts. Much of the content had remained on the platforms after being reported.
 
Facebook is a magnet for cyber criminals who see its nearly 1.6 billion monthly active users as 1.6 billion tempting targets and Facebook scams are the most common online attack method, according to the 2016 edition of technology firm Cisco’s Annual Security Report, with 33,681,000 examples identified by the company’s researchers, just ahead of JavaScript attacks in its malware chart.
 
Another point raised by the Report says, ‘In the post–Edward Snowden era, the geopolitical landscape for Internet governance has changed dramatically.... There is now pervasive uncertainty surrounding the free flow of information across borders. The landmark case brought by the Austrian privacy activist Max Schrems against the social networking giant Facebook had perhaps the biggest impact, leading the Court of Justice of the European Union (CJEU) to overturn the US Safe Harbor Agreement on October 6, 2015.’ 
 
Which? carried out an investigation before the coronavirus lockdown and found one Facebook post revealing a Yorkshire man's: full name, date of birth, address, mobile phone number, credit-card number, security code and expiry data and his bank name and sort code. According to Which? the post had been live for four months.
 
Only after Which? had requested a review of that decision had the post been removed - and, even then, the group in which it had been posted had remained active. In response, Facebook, which also owns Instagram, told the BBC that it had now acted to take down all the content.
 
 
Scam Tactics
On Twitter, investigators found fraudsters offering: 
  • the full credit-card details of someone with a "£13,000 plus balance" for £100 - or three sets of card details for £200
  • a fake passport for £3,000
  • Which? said it had found the content simply by searching for slang terms for fraud.
Twitter's algorithms had then even suggested similar accounts via its "Who to follow" section. Twitter said it was against its rules "to use scam tactics to obtain money or private financial information....here we identify violations of our rules, we take robust enforcement action," it said.
 
A Which? spokes is reported  to have said  "It's astonishing that social media sites make it so easy for criminals to trade people's personal and financial information, particularly as fraud is such a prevalent crime that can have devastating consequences." and Which? has called on Facebook and Twitter "to take stronger action to prevent their sites becoming a safe haven for scammers" and "work with the financial industry and police to address serious flaws with their platforms".
 
As Facebook and Twitter evolve so do the cyber criminals and this process will not stop and so your cyber security is very important for saving your information and money.
 
Which?:     Cisco:           Microsoft:           BBC:      Guardian
 
You Might Also Read: 
 
Millions of Facebook Profiles For Sale:
 
 
 
 
 
 
 
 
« The Impact Of Artificial Intelligence On Cyber Security
Microsoft Eliminates Cyber Attack Flaws »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Akin Gump Strauss Hauer & Feld

Akin Gump Strauss Hauer & Feld

Akin is a leading global law firm providing innovative legal services and business solutions to individuals and institutions. Practice areas include Cybersecurity, Privacy and Data Protection.

Cross Identity

Cross Identity

Cross Identity (formerly Ilantus Technologies) is a complete IAM solution that is deep, comprehensive, and can be implemented even by non-IT persons.

National Cyber Security Centre (CNCS) - Portugal

National Cyber Security Centre (CNCS) - Portugal

CNCS is the operational coordinator and Portuguese national authority in cybersecurity working with State entities, and digital service providers

ID Agent

ID Agent

ID Agent provides a comprehensive set of threat intelligence and identity monitoring solutions.

ZenMate

ZenMate

ZenMate is a Virtual Private Network services provider offering secure encrypted access to the internet.

InPhySec

InPhySec

InPhySec is a leading New Zealand information, physical and cyber security company.

Information System Security Directorate (ISSD) - Afghanistan

Information System Security Directorate (ISSD) - Afghanistan

Information System Security Directorate (ISSD) is the Directorate of MCIT responsible for the security of critical information infrastructures in Afghanistan.

DataTribe

DataTribe

DataTribe is a cyber startup foundry, leveraging deep experience and expertise to build and launch successful product companies.

Strategic Cyber Ventures (SCV)

Strategic Cyber Ventures (SCV)

SCV grow cybersecurity companies that disrupt advanced cyber adversaries and revolutionize the cyber product marketplace.

ITProTV

ITProTV

ITProTV is part of the ACI Learning family of companies providing Audit, Cyber, and IT learning solutions for enterprise and consumer markets.

Istari

Istari

ISTARI is a new kind of cyber risk management company. We’re an agile collective of best-in-class capabilities and experts, who build ongoing partnerships with clients.

Dimension Data

Dimension Data

Dimension Data is a leading African born technology provider operating in the Middle East and Africa, offering a portfolio of services including intelligent security solutions.

SoftForum

SoftForum

SoftForum is a company specializing in next-generation information security solutions in the Quantum-Resistant-Cryptography (PQC) field.

Carahsoft Technology Corp

Carahsoft Technology Corp

Carahsoft Technology is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets.

CyXcel

CyXcel

CyXcel is a cyber security consulting business grounded in the law which natively fuses crises, legal, technical, and consulting expertise digital networks, information and operational technology.

Kerberus Cyber Security

Kerberus Cyber Security

Kerberus Cyber Security (formerly MintDefense) is a leading innovator in Web3 user security, dedicated to safeguarding digital assets and transactions through its flagship product, Sentinel3.