Facebook doesn’t have the best reputation for creating a secure platform. From leaving passwords in plain text, to its app developers leaving users’ records exposed, Facebook continues to slip up.
Now, a report by Cisco cybersecurity research division — Talos — has found that Facebook still has an ongoing problem with cybercrime groups.
Talos said it compiled a list of 74 groups on Facebook with about 385,000 members who “promised to carry out an array of questionable cyber dirty deeds.” This included selling or trading stolen bank and credit card information and email spamming tools.
The majority of those groups didn’t work all that hard to hide what they were doing. According to Talos, most used obvious names like “Facebook hack (Phishing)” and “Spammer & Hacker Professional.”
To find the groups, all anyone had to do was a simple search containing some keywords. In addition, Talos noted that once someone joins one or more of those cybercrime groups, Facebook’s own algorithms will suggest more.
Using Facebook’s reporting function to take down groups didn’t always work because some only had specific posts removed. A spokesperson told The Verge, “These groups violated our policies against spam and financial fraud and we removed them. We know we need to be more vigilant and we’re investing heavily to fight this type of activity.”
This isn’t the first time Facebook has been notified of cybercrime on its platform. In April 2018, security reporter Brian Krebs alerted Facebook of dozens of groups offering services like wire fraud, tax refund fraud, and more.
Talos says it’s working with Facebook to identify and take down more of the groups, but this should be a cautionary tale to users about the importance of incorporating digital security into your everyday routine.