Report: Fraudsters ‘Hiding in Plain Sight’ on Social Media

Feb. 29, 2016

Report: Fraudsters ‘Hiding in Plain Sight’ on Social Media Once thought to exist only in hard-to-get-to corners of the "Dark Web," online fraud groups that share intelligence and stolen information have moved to mainstream social media, according to a new report released today by RSA Security. " Hiding in Plain Sight: The Growth of Cybercrime in Social Media " details how social media platforms—especially Facebook—have become the professional networking hubs of choice for fraudsters around the world. The company’s research found more than 500 social media groups comprising more than 220,000 members around the world. Sixty percent of those individuals belonged to Facebook groups, nearly all of whom were based outside the U.S. or Western Europe.

The groups mostly operate under the "public" or "closed" settings, but many of the closed groups do not require the vetting that fraudster forums on the dark Web usually do. RSA’s FraudAction unit said it found easily available information in these groups including credit card numbers with PII and authorization codes, cybercrime tutorials, malware and hacking tools, and cashout and muling services.

"What I found most fascinating is the boldness with which fraudsters are conducting their businesses out in the open, in some cases from their real personal profiles," Gabriel Guzman, head of fraud intelligence at RSA, told in an email exchange. "The proliferation and accessibility of fraud in social media is alarming. Today, anyone is just two or three clicks away from accessing compromised financial data and learning how to use it. The insight provided by the research gives us a glimpse into the underlying social structures that influence cybercriminal activity, and prepares us to fight them more effectively."

While Facebook is the largest haven for this type of activity (RSA noted it disclosed the information to Facebook, which worked to shut down many of the groups, and the appropriate law enforcement agencies), the report said Facebook-owned messaging app WhatsApp is the now the favored communication tool of fraud-dedicated groups.