Posted on October 6, 2021 at 4:05 PM
A new report has revealed that personal details belonging to 1.5 billion Facebook users have been posted for sale. Hackers allegedly gained access to these personal details through web scraping. Late last month, a member of the hacking group that is alleged to be behind this attack claimed to have possession of these details.
According to PrivacyAffairs, one user has stated that he received a quote of $5,000 for the details that belonged to one million users. The person selling this information stated that some of the details contained therein include names, email addresses, user IDs, gender, phone number and location.
The report on this hack shows that some of the samples that the others brought were authentic. However, some stated that they never received any of the information that the user alleged, despite paying the requested amount. This created speculation that the hacker was either running a scam or could not share the information because of certain constraints.
Data Accessed through Web Scraping
The data in question is alleged to have been obtained through scraping. Hence, to obtain the data, the threat actors did not rely on traditional hacking or on compromising user accounts.
Web scraping is a process that involves the extraction of web data. Threat actors use this strategy to harvest data that is publicly available and later organize this data into lists and databases.
The fact that this web data was accessed through scraping means that the accounts of the users were not compromised. However, this does not mean that the information of these users is still secure. The data that was collected during this attack could still end up in the hands of internet marketers or cybercriminals.
One of the main groups that could purchase this data for later use is unethical marketers, who would want to use it to spam users and groups with advertising messages that they have not signed up for.
What poses a huge risk to Facebook users is the details that hacking forums claim to have access to. The most sensitive details, such as location, the full names of users and phone numbers, have alarmed many. The use of these details by marketing agencies will add to the push notification and SMS spamming that is becoming highly prevalent among users. Some countries have even banned the use of SMS and push notifications to spam users into purchasing products and services.
Scraping is the most common way used by hackers to gain access to social media accounts. The majority of scraped data is usually obtained from users who have set their Facebook account profiles as “public.” Such users end up leaving the majority of their personal information available to other Facebook users, which could compromise the privacy of their accounts.
Besides using public profiles, hackers also use Facebook surveys as another method of data scraping. Facebook timelines are usually filled with posts that urge users to take a survey and learn more about themselves or other matters. However, most of these surveys are usually posted to obtain personal data from Facebook users.
Each time a user participates in a survey or a quiz posted for phishing purposes, they allow the creator of that survey to gain access to the personal information provided during these surveys and quizzes. The details that users are asked to provide during these surveys include full names, email addresses, phone numbers, gender and more.
Scraped Data Can Be Used to Conduct Hacks
The fact that this web scraping event did not compromise user accounts does not mean that these accounts are still safe. For instance, the hackers can still use the details obtained from this scraped data to conduct phishing attacks and carry out other software attacks.
With users’ phone numbers, hackers can create fake messages and send them to the affected users. To phish for information, the hackers can pretend that these messages have been sent by Facebook or a banking institution, after which the user will grant access to these accounts. Some of the prompts users receive through these fake SMS and push notifications include changing their passwords, security settings or other similar things.
Hackers also send links through these fake SMSs, which lead users to cloned websites. If the user enters their current passwords on these websites, the hackers can save them and use them to gain access to the affected accounts. This is the most obvious way Facebook and banking accounts are hacked, and these details are sold for very small amounts.