Back in June, Facebook announced that the social network had reached the remarkable milestone of two billion active users. But because of its widespread reach in society, the social network is also being used for counterfeits. For example, Facebook has recently banned 470 "fake" Russian accounts and pages trying to influence politics and some users were exposed to malware capable of detecting a user's system settings to deliver the appropriate adware.
Now, researchers from the University of Iowa have found an ecosystem of more than 50 websites that offer free, fake "likes" for user's posts in exchange for access to their accounts. According to their findings, about one million Facebook accounts are enrolled in "collusion networks" run by spammers, which generated as many as 100 million fake "likes" between 2015 and 2016.
Furthermore, the researchers claim spammers have recently turbocharged their efforts due to a loophole found in the code used to allow third-party applications to access a user's Facebook account. The issue automates the process of "liking" posts, which was previously a manual process. Even though Facebook claims it is already patched, USA TODAY was able to join one of those networks and make use of it even after the company's statement.
Of course, people who use those services are violating Facebook's terms of service and run the risk of having their personal data used by unknown parties. As stated by Zubair Shafiq, Professor of Computer Science at the University of Iowa:
"Users think it's relatively benign, but actually they're handing over full control of their Facebook account. They [the spammers] can also access all the information that's available on your profile, see your posts, get your friends list, even read your private messages. We can't tell if this information is being collected and sold to others."
Users of social networks should always pay special attention to requests regarding access to their private data. Also, reviewing which websites and apps have access to one's account should be a habit. If you are a Facebook user and want to check which apps have access to your account, first go to the Settings menu and then to Apps, or click here for direct access.