Facebook Strikes Back on Data Harvesters and Fraudsters

Even if you don’t use Facebook every day, you probably have an account by now. And if you do have an account, you should be aware of the potential security risks that come with having one. Facebook has recently ranked last in digital trust among consumers, and that says a lot about how users perceive Facebook’s attitude towards cybersecurity. While no one is 100% protected from a data breach, users can only update Facebook passwords after a leak. The rest lies on the company’s shoulders, and the signs show that the social media behemoth is brandishing its guns to take down online scammers one at a time.

The blow to Facebook’s reputation

Most of us probably can’t imagine our lives without Facebook because it helps us stay connected, and it can also cure our boredom with its games, quizzes, and memes that get thrown our way. The problem here is that users seldom realize that the quizzes and surveys they fill out via Facebook can be a straight way to an online scam. After all, a quiz or a survey requires you to be logged into your account, and you can be sure that at least some of your personal data will be transferred to a third-party that provides the quiz.

Something like that exploded back in 2018 when a UK-based firm called Cambridge Analytica was found to harvest user data via an online quiz app. Tens of millions of Facebook users had their data shared and then, later on, used even in political campaigns. As a result, Facebook’s Mark Zuckerberg was even grilled with a string of questions in the US Senate.

The line between an online scam and just shady activity can be very slim. In a sense, due to various security settings, a lot of companies are able to harvest user data, and technically, it is not illegal. However, when we take a look at where that data can be used, and how it can be shared with third parties, it becomes clear that user data harvesting is a harmful activity.

Facebook’s retaliation

We can’t be sure what spurred Facebook to take legal action against companies that harvest user data. It could be the moral obligation, the drop in trust, or the whooping $5 billion in fine they had to pay for the Cambridge Analytica data breach scandal. Whichever it is, Facebook is now taking user data abuse and online scammers seriously. Take the lawsuit against MGP25 Cyberint Services, for example.

MGP25 Cyberint Services is a Spanish company that used to sell likes and followers on Instagram. To sell such services, the company would employ web scraping to harvest private Facebook user data. Keeping in mind that Facebook has more than 2 billion active monthly users, its user data is a gold mine for anyone who works in data science or analytics. Unfortunately, it’s also a great sandbox for online scams and hackers, so the audacity of the Spanish firm to sell Instagram likes using Facebook users’ private data is just a tip of the iceberg.

Needless to say, the lawsuit against the Spanish firm isn’t the only one out there. Facebook also brought to court a South Korean company RankWave, and several Chinese nationals for declining to adopt the platform’s advertising rules and for using Facebook ads for malware distribution. There have also been several other lawsuits over the course of the last two years. Facebook targeted companies that facilitated online scams related to COVID-19, hackers who mimicked Facebook brands through malicious domains, and various other frauds that would have made a great negative impact on Facebook users.

All in all, it is definitely commendable to see that the company is taking steps to protect users’ privacy. However, lawsuits are a lengthy process, and it is clear that fraudsters will come up with new online scams faster than one can take down a malicious practice. Therefore, it is important to look at this issue from two fronts: the company’s and the end user’s side.

What can I do to improve my Facebook security?

Since most of the users employ the same email address across their social media accounts, it is also possible to assume that your Facebook and Instagram accounts are related, too. Even if your data wasn’t scraped by the Spanish company that sold Instagram likes, there is always a possibility that your data will be harvested eventually. Of course, the most important thing is to update Facebook password after leak, but it would also be a good idea to update your passwords regularly across all of your social media accounts.

Also, let’s not forget that those passwords have to be strong and unique. You mustn’t reuse passwords across different accounts because that will only make it easier for criminals to steal your data and use it for online scams!

So, what would be the most efficient way to come up with new passwords? We recommend using a password manager tool. With a password manager, you can generate new and unique passwords for every single account, and you don’t even have to memorize them. The tool will do that for you. At the same time, employing an automated tool allows you to renew password with just a single click. In other words, you won’t have to rack your brain every single time you need to come up with new things.

Aside from improving your password security, you can also consider employing two-factor authentication, to prevent schemers from accessing your account. What’s more, it would be a good idea to review your Facebook’s Privacy Settings. You can find a list of settings you should take into account here. The bottom line is that you can avoid online scams even if shady companies are out there.

If you take your password security seriously, if you have relevant and upgraded privacy settings, and if you stay away from unfamiliar and random content that you encounter while scrolling through your feed, it should be more than enough to avoid various threats. And if you must, do not hesitate to learn more about cybersecurity.