Some weeks ago, we took part in a documentary called “How hackers are hijacking your Facebook ‘likes’”. The program was originally broadcast on Channel 4 (UK) on the 2nd August 2013 and covered the story of Facebook accounts being compromised illegally to go on to be used to promote products and services the owner would otherwise be unlikely to “Like”. I must say, it was very exciting to be interviewed as part of the documentary and the Channel 4 team were very interested in all aspects of digital marketing, not just the bad stuff that can happen to unsuspecting consumers.
Facebook: It’s the world’s largest social network, a place where friends connect and share. The power of personal recommendation is central to why it works. But a Channel 4 news investigation has found Facebook has been targeted by cyber criminals, who’ve hijacked users’ accounts and endorsed products they want nothing to do with. We reveal how a massive black market in Facebook likes, with people paying for recommendations, threatens to undermine trust in the social network.
Exposing the underground trade came about through a Channel 4 news project called the Data Baby. It aims to shed light on where our online data goes; who is using it and what for. To track that data we created an online persona from scratch and made it as authentic as possible. We called her Rebecca Taylor and made sure she was on all the popular social networks.
Rebecca Taylor – The Honeytrap
Online, she behaved like anyone else browsing, clicking and interacting, but with one difference. Every move is monitored by us and we followed what is happening to the information. Using the Data Baby project, we have gained a rare insight into the hackers who make cash with Facebook likes; as Sarah Smith reports.
Sarah: We all want to be liked and thanks to Facebook we know what everybody else likes too. There is money to be made from being popular and even more to be made from abusing the system. We are about to show you how your likes may be being stolen and sold on, promoting products you probably never heard of, let alone actively like.
The internet has transformed, not only how we shop, but how we decide what to buy. Products and services are rated by other customers, by our friends and we believe those recommendations far more than we believe adverts or marketing campaigns. But what if it’s not true? What if those recommendations are being cheated and manipulated? We have discovered a lot of those likes are really complete lies.
Can Likes be Complete Lies?
Penny Lewis is a woman who knows what she likes. Mostly, she likes good food freshly prepared. She runs a cookery school in the Brecon Beacons. Like most small businesses, she uses Facebook to market her courses. So she was shocked when we showed her she had unwittingly being liking on Facebook.
Penny: I didn’t realize that it could be abused, because that’s what they are doing; they are abusing it, aren’t they?
Sarah: Without her knowledge Penny’s account is being used to like hundreds of pages and product’s like Matters of Size and Lover Lesson, whatever that might be. She had no idea, but all her Facebook friends will have seen here promoting these unsolicited services.
Penny: It concerns me. I don’t think it is particularly nice. Some of them are really well, horrible. And that is just looking at the initial picture without actually going on and looking at them. And it is embarrassing to think that my friends think that I would like something like that.
Sarah: Are you shocked?
Penny: I am very shocked. Yeah, I am very shocked.
Sarah: So, how did Penny end up liking so many embarrassing pages? Here is how.
Unknown: Need more Facebook likes? Start today from as little as $8.99 and give your Facebook a boost.
Promoting a Brand – Beccas’ Cupcakes
Sarah: As part of our investigation we set up a Facebook page for a fictional company Becca’s Cupcakes Page. We bought two and a half thousand likes from Social Booster; a bargain at just $39.99. Three days later the likes arrived, including one from Penny Lewis. We spoke to some of the others who had also liked our made up page and none of them had any idea they were promoting our cupcakes online. Social booster told us the company had recently changed hands and they wouldn’t answer any of our questions about where they get their likes.
Male 1: You will get 300 Facebook likes that will tremendously help you to get a good image on Facebook.
Sarah: There is a massive black market in Facebook likes out there. We found 14,000 people selling their service online.
Male 2: Have you got a Facebook Page? You want to listen up because here is the gig.
Sarah: They may not be all hackers, but they are all breaking Facebook’s rules.
Male 3: That you can connect to it by liking it.
Sarah: Facebook know that this abuse is going on, and they say they do what they can to combat it. But with four and a half billion Facebook likes generated everyday they don’t catch all the fakes. They have now removed several pages as a result of our investigation. So, why would anyone buy likes online? Experts reckon each like, bought for pennies, can be worth for over a hundred pounds in the marketing value.
Richard: If you have created a Facebook page, it is adding lots of value. There are lots of people looking that page regularly. You could put up a small advertisement or a link to another website and generate some commission from the referral of that traffic to that site, if a sale occurs.
James Lyne, global head of security research at Sophos
Sarah: So, how is it done? How do you create all these fake likes?
James: So, there are lots of ways you could do it. I will show you a couple of most common ones. The first one is called like jacking and it works by taking a victim webpage and inserting some nasty codes, so when anyone visits that page they automatically go and like things and without their explicit permission.
So, let’s go a fresh example of this. Here is one that I pulled off the internet earlier and this is someone’s blog which has unfortunately fallen to a victim to an attack. And as soon as we access the page we will see there is a shocking video, which me being an internet coinsure, I obviously want to view. If you look very closely, you will see what looks awfully like a Facebook posting page, kind of shadowed in the background.
Sarah: In the background.
Sarah: Which you would normally never notice.
James: No, you would just carry on, click submit and wait for the video to appear. What they have done is they have overlaid the Facebook page just there. So, we are actually interacting Facebook whilst being on the blog.
Sarah: Without realizing.
James: Hit submit and then this goes and posts a like onto Facebook.
Sarah: So, we would never know that it has happened. You would just watch the video and you would…
James: The only indication that you might get is that if your friend started kind of noting your like and told you about it. Let’s be honest most people aren’t likely to notice that at all.
Sarah: Facebook is probably the world’s biggest marketing tool, and it works because its one billion users believe what they see their friends post them. Now we have uncovered how the very essence of a social media site is being hijacked by very anti-social hackers.
A transcription of Channel 4′s “How hackers are hijacking your Facebook ‘likes’” originally broadcast on Channel 4 (UK) on the 2nd August 2013.
Image credit: Chollingsworth