Eset Warns Of Dangers Of Data Collection On Facebook

0

Eset: Earlier this month, the Privacy Affairs website warned of the sale of a package containing data from 1.5 billion Facebook users in an online cybercriminal forum, which took place in September. ESET, a digital threat detection company, said on Wednesday (20) that the commercialized information was acquired by scraping and the product of this technique can be used in social engineering attacks, such as sending phishing emails for credential theft and malware download.

Also, the methodology is becoming more common and accessible, but it means that there has not necessarily been a compromise of the accounts involved.

Cecília Pastorino, a researcher at the institution, added that scraping is a methodology that extracts information from websites in bulk based on automated scripts. Typically it is used for internet address indexing or data analysis and has become popular in digital marketing actions, so many tools are available on the web and are easy to use.

Just one example among many

In the recent case of Facebook, the seller offered the possibility to download the information in full or in small parts. He also assured that he works for a company dedicated to scraping, has been working for four years and has more than 18 thousand customers.

After the offer was published, alleged customers questioned the data and stated that they were unable to access it after the acquisition. That said, Privacy Affairs explained that the seller denied the allegations and added that it had “evidence” of legitimacy.

ESET also detected the practice on Instagram months ago. At the time, scammers used such a tool on social network followers to try to steal money from customers of different banks.

Also involving Facebook, more than 500 million users had their data sold on forums in April. A few days later, a similar event happened with LinkedIn.

“Using this data can allow attackers to use the victim’s name and other references, such as the phone number, to personalize the deception, make it more reliable and therefore more effective,” concluded Camilo Gutiérrez Amaya, head of the ESET Latin America Research Laboratory.