?

Log in

No account? Create an account

Facebook spam - John C. Kirk

Nov. 1st, 2012

04:36 am - Facebook spam

Previous Entry Share Next Entry

2 months ago, I mentioned my new plan to deal with comment spam. That's worked very well: I've only had 1 dodgy comment since then (from a Russian LJ account), so I simply blocked that account. Meanwhile, I've been having spam problems with Facebook.

The first issue is slightly indirect. I've had a few spam emails, and the names match people who I know on Facebook. My first thought was that they'd had their email accounts hacked and someone was sending out spam on their behalf. However, the email addresses don't match; they seem to be randomly generated throwaway accounts. So, I now think that the spammers are going through a Facebook profile to get the list of friends. If they'd looked at my profile then I'd expect to get quite a "spread" of names, but in fact I've had several messages that claim to be from the same 2 people. So, it seems more likely that those 2 people are the source, e.g. by installing a dodgy app. This is all circumstantial, so I don't want to "name and shame" anyone yet; all I'll say is that both people have forenames that start with "A". Has anyone else encountered this?

The second issue is directly related to Facebook, and it's a bit sneaky. I'm one of the admins (moderators) on a particular group, and I've noticed that I keep seeing the blue number next to the group name to tell me about new messages but then I don't see anything new when I click through to the group. Meanwhile, other people are complaining about a deluge of spam, but I can't see it at all.

It turns out that Facebook have a bit of a security hole. If you join a group, then block all the admins, they won't be able to see any of your posts. There are a few privacy options for (large) groups:

Privacy

However, even the most restrictive setting will still allow members to see each other, and identify who the admins are. I think it's reasonable for someone to block a particular admin if they have a private disagreement with them, but group admins should be able to see all content in that group regardless of who posted it.

Taking an example, here's what I see with my admin account:

Admin view

Here's what someone else (non-admin) sees:

Normal view

So, there's an extra (spam) item which is hidden from admins. If I see the blue number but don't see any new content then I suspect that there's hidden spam, but I don't know who posted it unless someone else actually tells me about it. Even then, if they send me a screenshot like this, I can ban the member but that won't delete the spam posts.

Several people have reported this problem in Facebook's help centre, e.g. here. Unfortunately, Facebook don't seem to be interested in fixing this. Also, if a normal group member (non-admin) clicks the "Report/mark as spam" option then this doesn't send any notifications to the group admins, it just goes off to a central Facebook account, and they seem to ignore it.

Pragmatically, the best solution is for the group admin to create a second (non-admin) account which is also in the group, then flick back and forth between them. Unfortunately, that's against Facebook's terms and conditions. So, let's assume that you have a close personal friend who is willing to assist you with this.

The group admin needs to temporarily promote the other person to admin status. This second person can then delete the offending post and (permanently) ban the account from the group. Once that's done, the original admin needs to demote the second person back to ordinary status again. If the second person stays as an admin then they'll get blocked by future spammers, so you'll be no better off. Also, be aware that when you promote someone this gets announced to the rest of the group. There's no way to delete that message, but it seems to disappear when you demote the other account. So, it's probably best to do this "off peak", and promote/demote as quickly as possible so that you don't attract attention.

I'm not sure how automated this process is: it may just be bots, or there may be people in developing countries doing this manually for minimum wage. Looking at this example, it was apparently posted by "Danille Bostock". As an admin, I couldn't view her account at all, but my non-admin friend was able to click through to her profile:

Profile page

Clicking her photo gives a slightly bigger version:

Profile picture

The bottom-left corner says "© Facebook" which is odd. Looking at Facebook's terms, they say that you own any photos you upload but you grant them a royalty-free licence to use them. So, you don't normally get that copyright blurb attached to every photo.

I downloaded that photo, then uploaded it to Google image search, to see whether it's used elsewhere on the web. That led me to a Daily Mail article: Family of 17-month-old boy found buried in backyard are evicted as state takes custody of two surviving boys. That article includes a familiar photo:

Daily Mail photo

So, "Danille Bostock" is actually using a photo of Heather Kowalczik. I don't know any details about that case, but it seems like an odd choice. I did a similar search for another spammer, and found that her profile photo is actually from a Vogue cover. Admittedly, this is a bit of a grey area, because a lot of people use cartoon characters or celebrities as their profile pictures; personally I'm not keen on that, but it doesn't automatically mean that they're dodgy. Still, it's potentially a warning sign when a new person asks to join a Facebook group and the admins don't know anything about them.

Tags: ,