What is to stop these media partners from stealing sensitive user data, even if Facebook says it does not keep sensitive data? Rather than having the user control the information sent
Creating fake Facebook accounts for companies, businesses, public figures, and even normal people to attract advertisers or false interest has been occurring since the early days of Facebook. What’s different now is Facebook has stated they have a mechanism to verify the identity of its users through its verification badges, such as the blue badges.
Sometimes fake accounts occur because users were careless to reveal sensitive information about themselves, opening avenues for fraudsters to setup fake pages.
But can you always blame users? Facebook simply does not make it easy to get verified and they give conflicting information. For “normal” people, they say it is not possible to get blue badge verification, but they also have a ‘normal’ verification procedure for most users where you could submit details to get verified. Media partners also perform verification for Facebook, including businesses. The procedures for verification are enigmatic, where guidelines are not evident or you have to do your own Google searching to find relevant advise. They have essentially left it to others to tell others on how to get verified or other have created businesses offering services for verification.
One problem is media partners are carrying out the verification procedure. What is to stop these media partners from stealing sensitive user data, even if Facebook says it does not keep sensitive data? Rather than having the user control the information sent to the parent company, such as Twitter, Facebook has information verified by outside companies.
It is not clear how many fake accounts exist on Facebook but it is definitely a major problem. The company itself does not know but the most recent estimates suggest it is well over 100 million and maybe on the order of 170 million.
The numbers of fraudulent accounts appear to be increasing as estimates are often revised up. Facebook has become part of larger strategies at fraudulent and often illegal forms of activity. A recent study found that 19% of spam emails sent for fraudulent acts or to unsolicited products have Facebook accounts associated with them, where many accounts were fake.
For the foreseeable future, the trend will likely get worse and we may have not seen the plateauing of fake accounts just yet. Facebook, by not acting to create a better process, has become complicit in facilitating online fraudulent Facebook accounts.
Even as Facebook itself is not creating the fraudulent accounts, by not allowing an easier and transparent process, Facebooks’ actions are leading to digital identity theft. Because of difficulties faced by those in trying to get verified accounts, there is now a black market for selling verification badges for a variety of social media accounts, including for Facebook.
While Facebook says verification should not cost anything and anyone selling verification services may potentially use that data for nefarious purposes, employees at social media companies have been accused of selling verification badges. Employees might be doing this for simple rewards but potentially they are doing it for thousands of dollars. Furthermore, by forcing users, through their difficult verification process, to go to secondary companies offering to provide assistance with the verification application, users are forced to send sensitive information about themselves. It does not even require providing a lot of data to create a fake online account. All you need is date of birth, first and last names, and a picture. The threshold for digital identity theft is simply low.
What we are seeing is very serious. It is a potential cocktail for digital identity theft for public figures, artist, and others. Examples of recent fraud and potential exposure to fraud include the Puerto Rican singer Ozuna, where a fake Facebook account using the singer’s name took thousands of dollars from booking agents, clubs, and fans by selling tours, shows, and presents that were supposedly from the singer.
In the case of the Mexican reality TV star Brenda Zambrano of Acapulco Shore, someone had created an account in her name and even obtained a blue badge. It took the reality star months to remove the wrong account and have her real account verified.
In it not just famous people but writers, scientists, journalists, and many others have also been sent fake friend requests, only to find that those friend requests were sent from fake accounts that skimmed their data, including listed details and profile pictures, and then created more fake accounts to trick others. Why is Facebook then allowing this to happen? The fact is it does take significant resources for the company to invest in to create verification processes that can be more automated and help the average user.
Standards for getting on Facebook as a normal user are very easy, but getting verified is another matter. It also takes greater responsibility for Facebook to more closely police itself using verified techniques. Facebook does not seem to be willing to invest enough in your average or even some famous users.
To combat this problem, the process has to become clearer for users and the process of verification services needs to be fully embraced by Facebook. Sites like Twitter have done this recently and there is no reason Facebook not to follow in this example. Quick responses on verification, using a clear process for average users, rapid action to remove fraudulent accounts, and even legal prosecution of fake pages, to deter fraud, for needs to occur before we begin to see any diminishment of this potentially harmful activity.
Perhaps a positive trend is there is also now a growing emergence of software to check how likely a given account is fraudulent or possibly used for fake activities, including for Facebook. Perhaps one question we should pose to Facebook is what are they using to detect fake accounts? The verification process is not transparent, opening a major potential for criminal activity.
For Facebook users, threats to their accounts can be off-putting. For Facebook, such threats can hurt its long-term market share while hurting its desire to create meaningful communities.