A technology forum watchdog group reported Monday that it has found more than 100 Facebook groups, some with thousands of members, where business management accounts are bought and sold, in violation of the social network’s rules.

The accounts can be used to run multiple pages and advertising campaigns, according to an investigation by the Tech Transparency Project, a Washington, D.C.-based information and research organization, creating new opportunities for online scams, misinformation and election interference. Can Impact of major technology platforms on society.

TTP Director Katie Paul told TechNewsWorld, “For years, Facebook has claimed that its artificial intelligence systems can clean its platform, but time and time again, we have found that Facebook’s technology fails to remove harmful content that violates its policies. That’s unfortunately also true for this black market for ad accounts.”

TTP explained that Business Manager accounts allow social media managers and marketers to manage a collection of Facebook ad accounts, Facebook Pages, and Instagram accounts from a single dashboard. It added that Facebook’s parent company Meta promotes them as a “one-stop shop” for advertising and marketing on its platform.

The report notes that accounts are particularly valuable to scammers because business managers can run a range of advertising campaigns and easily add new users and ad accounts to expand their reach.

In Facebook groups examined by TTP, the group found that users often sold accounts for large amounts. Several accounts are linked to someone’s credit cards, it continued, indicating they were hacked or stolen. “It’s obviously a big problem for individual users or small businesses who all of a sudden have an unauthorized person racking up big charges on their card,” Paul said.

The report also found that in some cases, sellers offered approved accounts to advertise political, election and social issues.

Facebook acts

After being alerted to the situation, Facebook began weeding out the black market. “We removed groups that were flagged to us last week for violating our policies, and we will continue to review additional groups and remove violators,” the company said in a statement provided to TechNewsWorld by spokeswoman Erin McPike.

In addition to deleting the group, the company said it has set up checkpoints for a number of group administrators who are required to provide additional information before they can access their accounts.

Regardless of Facebook’s actions, the report says the black market raises some troubling questions for the company and its parent Meta. Given Facebook’s long-standing scam ad problem and its history with Russian election interference, it’s unclear why Meta isn’t doing more to combat this illegal trade, the report said.

Jenny Grisdoorn, senior manager of global social media strategy at KnowBe4, a security awareness training provider in Clearwater, Fla., cited Facebook’s community guidelines as evidence of a lack of concern about fraudulent accounts. Those guidelines state, “If it appears to have been hacked or compromised and we are unable to confirm ownership of the account after one year, we may disable or delete your account.”

“That should be enough to state that Facebook doesn’t care about getting rid of these fake or hacked accounts, so it’s best that anyone who uses the platform does their part to protect personal information as much as possible,” Grisdoorn told TechNewsWorld.

Fake Accounts, Real Revenue

Some critics of Facebook have suggested that the social network has taken a lighter touch on fraudulent accounts because they generate revenue.

“These black-market Business Manager accounts are approved to advertise on Facebook. This means that Facebook profits whenever the purchasers of these illegal accounts run ads on the platform.

“This raises new questions about how much of Facebook’s advertising revenue is coming from hacked, stolen or smuggled ad accounts,” he added.

While acknowledging that Facebook can make money from fraudulent accounts, Will Duffield, a policy analyst at the Cato Institute, a Washington, DC think tank, pointed out that fake accounts don’t generate as much revenue as legitimate accounts.

“There’s some incentive not to hit the problem too hard, but on the business side, every black market account means a business customer is dissatisfied because their account has been stolen,” Duffield told TechNewsWorld.

“If legitimate accounts are being stolen and turned into black market accounts, that doesn’t bode well for Facebook,” he said.

Platform for election interference

Facebook has a longstanding problem with accounts being hijacked to run scam ads using people’s credit card information, TTP reports. It’s easy to see how Business Manager accounts could be useful to scammers, the report continued, given their ability to run multiple ad campaigns at once.

It said owners of Business Manager accounts have repeatedly described how hackers have taken over their accounts, raising their billing limits by raising thousands of dollars to spend on scam ads that lure people to suspicious e-mail addresses. Commerce leads to websites.

TTP’s investigation also found sellers offering accounts that could run ads on social issues, elections or politics. This raises concerns that they could be used for coordinated inauthentic activity and election interference, the report said.

“Facebook executives often speak of their efforts to prevent election interference, but at the same time, the company is facilitating a black market for accounts that can run election ads in specific countries,” Paul said.

“Facebook is essentially undermining its own election security efforts with its failure to address this issue,” she continued. “The Facebook Business Manager accounts identified by TTP are of particular concern because they can run multiple advertising campaigns at once, increasing the ability of bad actors to spread misinformation.”

Challenging work

Controlling disinformation on Facebook is a challenging problem, said Vincent Raynauld, an associate professor in the Department of Communication Studies at Emerson College in Boston.

“It is extremely difficult for Facebook to identify and suppress disinformation because the expression of disinformation continues to evolve on these platforms,” Raynauld told TechNewsWorld.

“If Facebook sets up a filter to catch certain types of misinformation, the creators of misinformation will adjust its structure so that it escapes the filter and impacts public conversation,” he explained.

Issues like hijacked accounts have always been a part of Facebook, he said, but the overall weight of Facebook when it comes to disinformation and its impact on political processes makes these types of issues more important to the public.

“Social media has become an integral part of people’s daily lives, especially when it comes to accessing information that influences not only consumer decisions but political decisions as well,” he said.

A new phishing-as-a-service offering on the dark web poses a threat to online accounts protected by multi-factor authentication, according to a blog posted Monday by an endpoint security company.

Called EvilProxy, the service allows threat actors to launch phishing campaigns with the ability to largely bypass MFAs without the need to hack upstream services, the Resecurity researchers noted in the blog.

The service uses methods supported by APT and cyber espionage groups to compromise accounts protected by MFA. According to the researchers, such attacks have been discovered against Google and Microsoft customers whose accounts have MFA enabled via SMS text messages or application tokens.

Phishing links produced by EvilProxy lead to cloned web pages that have been prepared to compromise accounts associated with multiple services, including Apple iCloud, Facebook, GoDaddy, GitHub, Dropbox, Instagram, NPM, PyPI, RubyGems, Twitter, Yahoo, and Yandex.

Threat actors using EvilProxy are targeting software developers and IT engineers to gain access to their repositories, with the ultimate goal of hacking “downstream” targets, the researchers wrote.

They explained that these tactics allow cybercriminals to capitalize on end users who believe they are downloading software packages from secure resources and do not expect them to be compromised.

Faster, faster, better

“This incident poses a threat to software supply chains because it targets developers by giving the service’s cybercriminal customers the ability to launch campaigns against GitHub, PyPI and NPM,” said Avid Gershon, leader of the security research team at Checkmarx, an application security company in Tel Aviv, Israel.

“Just two weeks ago,” he told TechNewsWorld, “we saw the first phishing attack against PyPI contributors, and now we see the service take it a few steps further by making these attacks accessible to less tech operators and adding capability to bypass the MFA.”

Checkmarx’s head of supply chain security Tzachi Zorenstein said the nature of supply chain attacks increases the reach and impact of cyber attacks.

“Abusing the open-source ecosystem represents an easy way for attackers to increase the effectiveness of their attacks,” he told TechNewsWorld. “We believe this is the beginning of a trend that will increase in the coming months.”

A phishing-as-a-service platform can also increase attacker effectiveness. “Since PhaaS can operate at scale, it enables adversaries to be more efficient at stealing and defrauding identities,” said Resecurity CEO Jean Yu.

“Old-fashioned phishing campaigns require money and resources, which can be overwhelming for one person,” he told TechNewsWorld. “PhaaS is just faster, faster, better.”

“It’s something that’s very unique,” he said. “It’s very rare to produce a phishing service on this scale.”

Well packed

Many illegal services, hacking and malicious intent are solution products, explained Alon Nachmany, field CISO at AppViewX, a certificate lifecycle management and network automation company in New York City.

“By using a PhaaS solution, malicious actors have less overhead and less to spring an attack,” he told TechNewsWorld.

“Quite honestly,” he continued, “I’m surprised it took so long to become a thing. There are so many marketplaces where you can buy ransomware software and link it to your wallet. Once deployed, you can collect the ransom. The only difference here is that it is completely hosted for the attacker.”

While phishing is often considered a low-effort activity in the hacking world, it still requires some work, said Monia Deng, director of product marketing at Bolster, a provider of automated digital risk protection in Los Altos, Calif. You need to do things like stand up a phishing site, create emails, automate managers, and nowadays, steal 2FA credentials on top of primary credentials, she explained.

“With PhaaS,” she continued, “everything is neatly packaged on a subscription basis for criminals who do not require any hacking or even social engineering experience. It opens the ground for many more threat actors who want to exploit organizations for their own gain.”

Bad actors, great software

Security researchers explained that payment for EvilProxy is conducted manually through an operator on Telegram. Once the subscription funds are received, they are credited to the account in the customer portal hosted on Tor. The kit is available for $400 per month.

EvilProxy’s portal has many tutorials and interactive videos on using the service and configuration tips. “To be clear,” the researchers wrote, “the bad actors did a great job in terms of service usability, and configuration of new campaigns, traffic flow, and data collection.”

“This attack just shows the maturity of the bad actor community,” said George Gerchow, CSO and senior vice president of IT at Sumo Logic, an analytics company focused on security, operations and business information in Redwood City, Calif.

“They are packing these kits nicely with detailed documentation and videos to make it easier,” he told TechNewsWorld.

The service uses a “reverse proxy” principle, the researchers noted. It works like this: Bad actors lead victims to a phishing page, use a reverse proxy to get all the legitimate content the user expects to see, and sniff their traffic through the proxy.

“This attack highlights how low the barrier of entry is for unsophisticated actors,” said Heather Iannucci, a CTI analyst at Tanium, creator of an endpoint management and security platform in Kirkland, Wash.

“With EvilProxy, a proxy server sits between the legitimate platform’s server and the phishing page, which steals the victim’s session cookie,” she told TechNewsWorld. “This can then be used by the threat actor to login to a legitimate site as a user without an MFA.”

“Defending against EvilProxy is a challenge because it combines cheating a victim and MFA bypass,” Yu said. “The real compromise is invisible to the victim. Everything sounds good, but it’s not.”

Still in effect

Nachmany warned that users should be concerned about the effectiveness of MFAs that use text messaging or application tokens. “PhaaS is designed to use them, and this is a trend that will grow in our market,” he said.

“The use of certificates as an additional factor is what I expect to see an increase in use soon,” he said.

While users should be careful when using an MFA, it is still an effective mitigation against phishing, said Patrick Harr, CEO of SlashNext, a network security company in Pleasanton, Calif.

“It increases the difficulty of leveraging compromised credentials to disband an organization, but it is not foolproof,” he said. “If a link leads the user to a counterfeit replica of a legitimate site—which is nearly impossible to identify as not legitimate—the user may be the victim of an adversary-in-the-middle attack, such as the one used by EvilProxy.”

Fake social media accounts are usually associated with bot networks, but some research released Tuesday showed that many social media users are creating fake accounts of their own for a variety of reasons.

According to a survey of 1,500 US social media users conducted by USCasinos.com, one in three US social media users have multiple accounts on the social media platforms they use. About half (48%) of people with multiple accounts have two or more additional accounts.

Reasons for creating additional accounts vary, but the most commonly cited are “sharing my thoughts without judgment” (41%) and “spying someone else’s profile” (38%).

Other motives behind creating fake accounts include “increasing my chances of winning an online contest” (13%), “increasing likes, followers and other metrics on my real account” (5%), fooling others (2.6%) and scamming others (0.4%).

When asked where they were creating their fake accounts, respondents most often named Twitter (41%), followed by Facebook (31%) and Instagram (28%). “That’s because Twitter is pretty much open by default,” said Will Duffield, a policy analyst at the Cato Institute, a Washington, DC think tank.

“Twitter power users will often have multiple accounts — one for a mass audience, other for smaller groups, one that is open by default, one that is private,” he told TechNewsWorld.

Infographic explains where US residents create fake social media accounts

Infographic Credit: USCasinos.com


Twitter prompted the research by the online casino directory site, noted study co-author Ines Ferreira. “We started this study primarily because of discussions about Elon Musk and the Twitter deal,” she told TechNewsWorld.

That deal is currently tied up in the courts and hinges on a dispute between Musk and the Twitter board over the number of fake accounts on the platform.

Sex changing detective

The types of fake accounts in the study, however, differ from the ones that confused Musk. “The survey tackles two completely different issues,” Duffield said.

“On the one hand, you have automated accounts – things operated by machines and often used for spamming. This is the kind of fake account that Elon Musk alleges Twitter has too much,” he told TechNewsWorld. “There are pseudonymous accounts, which are being surveyed here. They are operated by users who do not wish to use their real names.”

The survey also found that most users retained their same gender (80.9%) when creating fake accounts. The main exception to that practice, the survey noted, is when users want to spy on other accounts. Then they are in favor of creating a fake account of the opposite sex. In general, one in 10 (13.1%) of those surveyed said they used the opposite sex when creating fake accounts.

Infographic reveals how many fake social media accounts owners own

Infographic Credit: USCasinos.com


“There are a number of reasons why we don’t want everything we do online to be associated with our real name,” Duffield said. “And it doesn’t necessarily have to be cancel culture or anything like that.”

“One of the great things about the Internet is that it allows us to divulge identities without committing ourselves or trying on new individuals so that we can showcase one aspect of ourselves at a time,” he explained.

“It is absolutely normal for people to use pseudonyms online. If anything, using real names is a more contemporary expectation,” he said.

Accounts created with impunity

The study also found that most fake account creators (53.3%) prefer to keep the practice a secret from their inner circle of acquaintances. When they mentioned their fake accounts, they were most likely to mention them, followed by friends (29.9%), family (9.9%) and partners (7.7%).

The researchers also found that more than half of the owners of fake accounts (53.3%) were millennials, while Gen X had an average of three fake accounts and Gen Z had an average of two.

According to the study, the creators of fake accounts do this. When asked whether their fake accounts were reported on the platforms on which they were created, 94% of the participants responded negatively.

Infographic describing platforms where fake social media accounts have been reported

Infographic Credit: USCasinos.com


“Every time these platforms release new algorithms to report these accounts, most of them never report them,” Ferreira said. “There are so many fake accounts, and you can create them so easily, it’s really hard to identify them all.”

“After Elon Musk’s deal with Twitter, these platforms are going to be thinking a little bit more about how they’re going to do it,” she said.

However, Duffield downplayed the need for users to police fake accounts. “Creating these accounts is not against the platform rules, so there is no reason for the platform to consider them a problem,” he said.

“Since these accounts are operated by real people, even though they do not have real names, they act like real people,” he continued. “They’re messaging one person at a time. They’re taking the time to type things out. They have a typical day/night cycle. They’re not sending a thousand messages to 100 different people at once at all hours of the day.”

Harmless fake?

Duffield stressed that unlike fake accounts created by bots, fake accounts created by users are less harmful to the platforms hosting them.

“There is a theory that people abuse more often when they are using a pseudonymous account or one that is not tied to their real identity, but from a sobriety perspective, banning a pseudonymous account is no different from banning a real person,” he observed.

“Facebook has had a real-name policy, although it has received a lot of criticism over the years,” he said. “I’d say it’s under-applied intentionally at this point.”

“As long as the pseudonymous account is complying with the rules, this is not a problem for the platforms,” he said.

While bot accounts do not contribute to the social media platform’s business model, fake user accounts do.

“If the pseudonymous account is being used by a real human being, they are still seeing the ad,” Duffield explained. “It’s not like a bot clicking on things without a human being involved. Regardless of the name on the account, if they’re seeing contextual ads and they’re being shown, from a platform standpoint, it’s not really a problem.”

“Activity is reflected in monthly active user statistics, which is what the platform, advertisers and potential buyers care about,” he continued. “The total number of accounts is a useless statistic because people constantly drop accounts.”

Still, Ferreira argued that any form of fake account undermines the credibility of social media platforms. “At some point,” she said, “there are going to be more fake users than real users, so they need to do something about that now.”