The company Meta, responsible for social networks like Facebook, has started a new program for experts in digital security that will reward those who find vulnerabilities in the platform.
In short, this technique performs automated, large-scale scans to gather user information — some of it even publicly available, but without as much organization or visibility. This information can be used for future scams or even register in the name of other people. According to Meta, collection tactics are increasingly advanced and difficult to detect, in addition to exploiting bugs not yet discovered by the company.
Meta will also reward those who find and report the sale or availability of databases collected from up to 10,000 Facebook users, containing information such as email, telephone, address and religion, for example. This will also help the company initiate legal action against those responsible, such as a third-party app that has had security issues or an individual attacker.
Rewards vary in value depending on the impact and size of the discovery, but the minimum payout is $500 (about $2,800 in direct currency conversion) per referral. More information can be found on the Bug Bounty Program page.
In recent months, LinkedIn and Facebook itself were just a few social networks that were targeted for web scraping, with the data later marketed in forums.