Meta boots over 2M fake accounts originating from overseas scam centers
Meta Platforms on Thursday announced the removal of over two million accounts across Facebook, Instagram, and WhatsApp linked to highly organized scam centers run out of multiple countries in Southern Asia.
The accounts were associated with “forced labor” scam operations centers in Cambodia, Myanmar, Laos, the United Arab Emirates and the Philippines.
“These criminal compounds force their workers to engage in a wide range of malicious activity, from cryptocurrency, gambling, loan and investment scams (e.g., ‘pig butchering’) to government and other impersonation scams,” Meta said.
ADVERTISEMENT
Meta, who worked in cooperation with local law enforcement in many of the countries, said these “extremely persistent and well-resourced” criminal cartels consistently evolve their tactics to avoid detection.
“The Royal Thai Police has been working with Meta on disrupting criminal scam centers for over two years,” said Major General Teeradej Thumsutee, Royal Thai Police Commander of the Metropolitan Police Investigations Division.
“We’ve been able to share information so they can investigate and take action against the bad guys and help us hold the criminal syndicates behind these scam centers accountable,” he said.
In one instance, Meta said its investigators were able to break up a newly operating syndicate in Cambodia – a reported hotbed for Chinese organized crime-linked scams – after a tip-off from AI technology start-up OpenAI.
Because of ever-evolving evasion techniques, Meta said its in-house investigators update in tandem, the new “behavioral and technical” characteristics of these criminal groups so the company can “scale automated detection and block malicious infrastructure and recidivist attempts” on its platforms.
How pig butchering works
Meta describes a “pig butchering” operation as formulaic, in which certain steps are carried out, in a certain order, to successfully scam a victim, similar to the ‘kill chain’ in a cyberattack.
In fact, the scam center activity involved in this investigation was found to be “tightly scripted by criminal syndicates to scale their operations,” Meta said. Meta lists the five steps associated with pig butchering attacks, in general:
Spray and Pray – The scammers reach out to large numbers of people, posing as a trusted source or love interest. Scammers often use automation to blast their generic appeal via varied forms of communication, including dating apps, text, email, social media, or messaging apps.
Manipulation – If a victim responds, another set of scammers use targeted social engineering tactics to gain the victim’s trust over a period of days or weeks.
The pitch – The scammer casually pitches a lucrative investment opportunity, encouraging the victim to start small to avoid risks.
Investment scam starts – If the victim agrees, they are moved to scammer-controlled crypto accounts or their own fake investment websites.
Bait and vanish – To maintain trust, the scammer will allow the victim to withdraw small amounts of fake profits from the ‘investment,’ but ultimately the scammers disappear with all the victim’s money when pressed for more.
Beefing up protections
“Our investigative teams are always on the lookout for new scam compounds globally and continuously disrupting their operations,” Meta said, stressing the importance of partnership with industry peers.
In the lead-up to Thursday’s announcement, Meta took part in the Tech Against Scams Coalition summit last week to share information on how to combat online criminal syndicates – with law enforcement, government officials, and NGOs – alongside fintech giants such as Coinbase, Ripple, and Match Group, the parent company of dating apps Tinder and Hinge.
Meta said it has also developed new pop-up warnings on its apps to alert users of possible scam attempts.
To help protect scammers from stealing your personal information, Meta said users should remember to ensure a website is legitimate, not to click on unverified links, and never send financial information or money to anyone unknown. Additionally, users should:
- Always use two-factor authentication
- Set up “selfie verification” recovery on accounts
- Verify source of ‘unbelievable deals’
- Be wary of fake government websites
- Look out for fake celebrity advertisements
- Beware of romance scams using fake dating profiles
- Watch out for retail scams that mimic real brands
In July, Meta successfully removed more than 65,000 sextortion accounts off Facebook and Instagram, many of them run by the criminal syndicate known as the Yahoo Boys, located in Nigeria.