The security news and investigation platform KrebsOnSecurity uncovered vast cybercrime activities on Facebook early April 2019. Almost 120 private Facebook groups totaling more than 300,000 members who dealt with a host of illicit activities on Facebook were identified. These groups facilitated a broad spectrum of shady activities, including spamming, wire fraud, account takeovers, denial-of-service attack-for-hire services, and botnet creation tools. Upon notification, Facebook deleted these 120 groups.
Cybercrime On Social Media
According to Brian Krebs, this is only the tip of an iceberg. His report would have been anything but exhaustive. In the respective report on his website, he explained why he thinks that there may be actually thousands of cybercrime groups:
I only looked at groups that promoted fraudulent activities in the English language. Also, I ignored groups that had fewer than 25 members. As such, there may well be hundreds or thousands of other groups who openly promote fraud as their purpose of membership but which achieve greater stealth by masking their intent with variations on or mispellings of different cyber fraud slang terms.
Brian Krebs, founder of KrebsOnSecurity
In response, Facebook said its community standards policy does not allow the promotion or sale of illegal goods or services, and that once a violation is reported, its teams review a report and remove the offending post or group if it violates those policies.
We thank Mr. Krebs for bringing these groups to our attention, we removed them as soon as we investigated.
Pete Voss, Facebook communications director
Inspired by this Facebook case, Forbes contributor and cybersecurity pundit Zak Doffman conducted a 15-minutes-search for illicit activities on other social media platforms. In just those 15 minutes Zak’s team was able to identify fraud scams across YouTube, Eventbrite, Medium, Reddit, GitHub, and Telegram.
Hence, cybercrime is clearly not a Facebook issue, as shown by
Financial fraud schemes are not at all unique to Facebook, they are a fact of life in the digital realm, just like they are in the physical one.”
Fraudsters hiding in plain sight
The dark web is a difficult place to navigate. Social media platforms are an attractive alternative for cybercriminals. Fraudsters are now hiding in plain sight across literally hundreds of social media networks and other digital platforms,” according to Zack Allen, Director of Threat Operations at ZeroFox, a US-based specialist in ‘social media and digital protection’.
The cybercrime industry on social media has huge dimensions. In March 2019, Brian Krebs disclosed,for example, that two million credit and debit card numbers belonging to customers of the Italian restaurant chain Buca di Beppo were being sold in the cybercrime underground.
Social Media Boiler Rooms
FinTelegram is aware that illegal broker schemes and MLM scams are also using Facebook to promote their activities and find customers. They use Facebook groups as virtual boiler rooms to sell their respective products. Many members of these groups work like boiler room agents and leverage sales through their private Facebook pages. Well known for its promotional activities around illicit businesses is the group of a certain Dmitriy Saveljev, which has promoted more than a dozen scams since its foundation. Accordingly, this Facebook group changed its name many times already. Currently, it goes under the name of Bitrading888.
And again, this is not only a Facebook issue. Telegram and WhatsApp boiler rooms have become famous in the ICO hype of 2017. They are used to perform pump-and-dump schemes for cryptos (read this FinTelegram report on the Nasdacoin scheme here).