Top 5 2022 Cybercrime Scams Targeting Everyone

/0 Comments/in /by

According to experts in threat analysis, 2022 could be the year that cybercriminals start focusing more on the Average Joe instead of focusing on big corporations as they have in the past. These days, consumers could be a lot more lucrative to hackers, so it makes a lot of sense. Here is what you need to know about what is happening to help hackers:

Cybercriminals Like to Take the Easy Path

No one really likes to do a lot of hard work, and this includes hackers and other cybercriminals. So, they will focus on the path of least resistance when targeting a victim. Where they used to find a lot of loopholes with corporations, now they are focused on individuals…specifically those who work from home as a remote worker.

Remote Workers Are Easy Prey

Though the pandemic is starting to fade away, remote working seems to be here to stay, and with that comes more security risks. While all of this is going on, organizations are focusing more on internal security and forgetting that they have employees out there who can easily be connected to the network remotely and are vulnerable to hackers.

So, it is totally possible that for a hacker, it is much easier to access a company network by using social engineering or a phishing scam on Mary in Customer Service, who now works from home in her jammies, than it is to go through traditional hacking methods.

We are in a Crypto-World, Now, Too

2021 was the year for those who mine cryptocurrency because coins like Ether, Bitcoin, and other cryptos rose greatly. Meanwhile, we also…and are still seeing…the rise of NFTs on the market. People who are just now getting into this are really focused on this new crypto-craze, and they don’t know how to protect themselves. Hackers are focused on them, too, and it is thought that it will continue to rise into 2022.

Meta is also here, now, and it is expected to create even more payments via digital assets, and this is expected to add even more fuel to the fire.

Stopping Macros

Another thing that is happening right now is that companies like Microsoft are working to disable things like Excel 4.0 macros, which hackers often use to get malware on a victim’s device. However, hackers are one step ahead, and they are now working on fooling victims to go to a malicious website instead, and using things like social media sites, fun games that are actually designed to steal passwords, and even posting YouTube videos designed to hack.

For much of 2021, experts noted that there were tons of threats to people that came from software that looks innocent, such as games, and though a person can play the game in some cases, the software also installs things like miners onto the device. This, too, is expected to increase throughout 2022.

Even More Adware

For most cybercriminals, adware is seen as a great way to make money, and they use it to exploit networks, smartphones, and even computers. It is expected that in the remainder of 2022, these attacks will continue to rise as they are difficult to detect but spread fairly quickly. Many consider adware to just be annoying and not particularly dangerous, these programs may be bundled with other types of software including ransomware, viruses, and more.

Speaking of Ransomware…

Finally, when we think of ransomware these days, we still see a lot of threat, but they had been focused more on larger companies and corporations. As we settle nicely into mid-2022, however, we have seen more ransomware targeting governments and other similar organizations, as well as people who may own something of value. These attacks are common for hacking groups, as they are easy to pull off.

We also see the ransom demands falling a bit, with hackers asking individuals for $1000 or less in order to access their device. This means that consumers have to be more careful than ever before, and they need to keep the following in mind:

  • Only use unique passwords that are very strong and varied. (I.e. a mixture of letters, numbers, and symbols.)
  • Use security software, like Microsoft Defender, if you have a Windows computer or any antivirus as long as you ay for it. With free, you get what you pay for.
  • Never open any email attachments from a person or company that you don’t know. Call them first to confirm its OK.
  • Don’t expose internal services, like NAS devices or a Remote Desktop, to the internet.
  • When OS and software updates are available, make sure you install them.
  • Don’t download key generators or software cracks, which often contain viruses or ransomware.

By taking these simple steps, we can work together to make sure that 2022 is NOT the biggest year of cybercrime, and instead, the year we do our best to fight back against hackers.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now#1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

Protecting Your Accounts from Russian – or Any — Cyberattacks

/0 Comments/in , , , , /by

No matter when you look at the news, there is probably a story about Russian hackers…and if there is not a story about hackers from Russia, there is likely a story about hackers from China or a place like Turkey. There is definitely a chance that any hacker or hacking group could launch an attack against the US, and the government has even briefed companies about what to do if they believe they are at risk.

hacker chest

Just because you are an individual, it doesn’t mean that you are not at risk of a cyberattack, just like a company is. You may be wondering how you can protect yourself, since this is the case. This is a great time to learn more about how to stay safe from cyberattacks – no matter where they come from.

Many cybersecurity threats are coming from what is known as a “Distributed Denial of Service” (DDOS) attack, which is often launched against a website or a financial network. Basically, the hackers push so much traffic to a network or site that it totally crashes, which disrupts business. At this point, the IT team has to focus on getting the network or site back up, which opens a window for a hacker to move in right under their noses.

These attacks can happen at any time, and they can be quite far reaching. Back in 2012, a group of Iranian activists attacked more than a dozen banks in the US, which disrupted all of their sites.

So, what can you do to make sure this doesn’t happen to you? Here are some tips:

In addition to below, check out our post: Russian Hackers: 14 Ways to Protect Yourself and Your Business

  • CASH, YES Cash: Try to keep a little cash available, especially if you are going out of town. This way, you will have money in case a banking network or ATM is not working due to a DDOS.
  • For every banking or financial account you have, make sure you have a strong and unique password. Don’t reuse any passwords, and do not use any social media password for any banking site.
  • Always watch your financial accounts for unusual activity. Check your bank account online or via phone at least once a week, and if you can, every day or two. If there is a problem, it is always best to find it as early as possible.
  • Russian hackers often try phishing scams on social media or via email in order to get access to corporate networks. Never, ever click a link in an email or on social media from someone you do not know. They also use text messages to try to get people to respond with information that will allow them into accounts. Even if it seems like it’s coming from a company you are familiar with or even do business with…confirm everything before you click or give information.
  • Sign up for email or text alerts for all of your financial accounts. This way, if there is a weird transaction, you will be notified immediately.
  • You should also consider signing up for multi-factor authentication for any financial account. When you do, and someone tried to sign into your account…even yourself…the bank or other company will send you a code to the email or phone number they have on file. Even if you put the correct username or password in, you cannot get into the account without that code.
  • Always update all of your apps and software on every device, including phones, tablets, and computers. To make it easy, set these updates to occur automatically, and then you don’t have to worry about it.
  • Don’t believe everything you see online. There are a lot of scams out there, and there is a lot of “news” out there that is not real nor correct. Use common sense before doing anything.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

Tips to Protect Your Identity from Cyber Thieves

/0 Comments/in , /by

There are several tried and true ways that you can use to protect yourself from ID theft, and some of them you might have never even considered:
Check Your Passwords – Every online account you have should have a different password. Never use the same password for more than one account. You can easily fix this issue by using a password manager. Also, don’t use specific words/phrases or keyboard sequences when creating passwords. A password manager can even generate passwords for you.

Don’t Post Personal Information on Social Media – This including things like your kid’s school or teacher, the town your parents live in, your pet’s name, or even where and when you are going on vacation. Cyber thieves can use this information to guess passwords.

Ignore Any Email from People You Don’t Know – If you get emails from people you don’t know that have a link or attachment, never, ever click or open them.

Put a Password on Your Phone – This way, if your phone is lost or stolen, you don’t have to worry.

Shred Important Documents – Anything that comes in that has personal information, that would go in the rubbish, should be shredded. This includes credit cards bills and medical records.

Never Give Your Social Security Number Out – Unless you absolutely have to, you should not give up your Social Security number. Just because someone asks for it, that doesn’t mean they actually need it, or you should hand it over. That said, I give up my social all the time. But only on documents or applications that absolutely require it.

Check Out Your Credit Report Each Year – Every year, or every quarter, you can get access to your credit report for free. Check it out when you can to make sure it’s accurate.

Inspect Your Statements – Look for anomalies or unauthorized transactions. This includes any banking and credit card statements, and you should do this each month.

Get a Locking Mailbox – A locking mailbox is available at most big box hardware stores or online.  Or pay for a PO Box.

Stop Your Mail When You Travel – You should also stop your mail delivery when you take a long trip.

Freeze Your Credit – Consider freezing your credit. This will stop an ID thief from opening new accounts in your name.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

8 Cyber Security Tips You Can Start Today to Keep Yourself Safe

/0 Comments/in , /by

These days, it seems like there is one data breach after another, and each time, they are being done by those who want to steal your identity. Thankfully, it is much easier than you probably think to keep your info safe. Here are some tips that you can start doing right now to put yourself in a position to fight this:
Cyber Security Tips
Take a Look at Your Accounts

Almost any account allows you to check the recent activity. Even Facebook, Google, and Twitter have this available. When you take a look at this, you can see every log in and authorization. If something looks strange, such as a log in from Nigeria, odds are good that you have been compromised. Most of these sites allow you to log out of every location, so you should definitely do that.

Take a Look at Your Computer

 You may not realize it, but at any time, there are a number of programs running on your computer. However, some of these might not be safe. So, it is always a smart idea to check to see what is running in the background. To do this, you can check Activity Monitor for Mac or Task Manager for Windows. If you don’t know what a program is, look on Google. It will tell you if it is good or bad. If it is not good, figure out how to uninstall or remove it.

Take a Look at Your Passwords

 Also, take a close look at your passwords. Do you think they are really safe? Every account should have its own password, and if you use the same passwords for more than one account, your chances of getting hacked rise exponentially. You also need to make sure you are changing your account passwords on a regular basis. You can use our FREE Email Checker and check your email address and passwords.

When you do this, you can check to see if your account has been compromised. If so, change your password immediately. You should also consider using a password manager.

Take a Look at Your Wi-Fi Connection

Are you paying attention to your Wi-Fi connection? Do you have a password protecting it? Do you have a WPA encryption? Do you have anyone piggybacking on your connection? You can install a program like Wireless Network Watcher. It is also very important that you are cautious when on public Wi-Fi. Only use a VPN, virtual private network, when connecting to public Wi-Fi.

Take a Look at Connected Apps

You also may not realize that you have given your social media accounts permission to connect to other apps. Though this isn’t extremely dangerous, they can result in account takeovers and data leaks. So, if you don’t use a specific app or service any longer, you should sever the connection.

Take a Look at Installed Apps

When you look at those connected apps, also take a look at what apps you have installed on your computer and your mobile device. You may have downloaded some type of malicious program that looks like a tool or game, but it could end up wrecking your system. If you have any weird apps, check Google to see if there were any vulnerabilities or flaws.

Update Everything

You also want to make sure you are updating your apps and OS regularly. These updates often contain security improvements in order to keep your devices safe. The newer the update, the safer your device. Also, don’t forget to check for updates on your browsers, routers, and even printers, as these can be manipulated, too.

Protect Your Identity

Finally, do everything you can to protect your identity. There are two ways to do this, especially when it comes to stopping someone from opening new lines of credit in your name. You should set up a credit freeze through every credit bureau. You should additionally set up an account that offers identity theft protection. This helps to watch your data, and it monitors your credit reports. If something goes wrong, when you have this type of protection, there are people standing by to fix things, and by doing this, you can minimize the damage that could occur.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

Survey Shows Most People Back Up…But Not as Often as They Should

/0 Comments/in , /by

According to a new survey, we now have a good idea of the habits of the regular person in regard to backing up their devices. The survey, which covered almost 3,000 people, looked at people around the world. What it shows is that 91 percent of people back up their devices and their data. But, 68 percent of people still lost data because of a different reason. These include accidentally deleting the data, software or hardware failure, or even because they hadn’t backed up their data recently. The truth is, only 41% of companies and people back up each day, which leaves most of us…and most businesses…vulnerable to data loss.

surveyThe data from this survey stress how important it is to implement some type of cyber protection strategy for a business, which includes backing up data several times a day, and using the 3-2-1 backup rule. This is creating three copies of your data (a single primary copy and two backups), storing your copied on two different types of storage option, and then storing one of the copies in the cloud or remotely.

Change the Game with Cyber Protection

With more cyberattacks happening all of the time, the traditional methods of backing up our data is no longer working. We simply cannot rely on only backing up our information. It is way too dangerous.

Cybercriminals will target backup software with their own ransomware, and then try to modify the files, which makes it even more important to protect your information.

Recommendations for Cyber Protection

There are a number of different ways you can protect your personal or company’s information. Here are just five things you can do to ensure that your data is relatively safe:

  • Create a backup of your most important data…always – Keep a number of different copies of your backup locally and in the cloud. You want to do it locally so you can access it quickly and frequently, and you want to save it in the cloud to make sure that even if there is a fire, flood, or other disaster, your data is safe.
  • Ensure your OS and applications are all the current versions – If you are not updating your OS or apps, it means that they are much more vulnerable to getting hacked. These updates often contain patches and fixes that can keep cybercriminals out.
  • Beware of any suspicious links, emails, or attachments – Most ransomware and virus infections are created by using social engineering, and they trick unsuspecting people into opening these infected attachments or clicking on a link that installs malware to the device or network.
  • Install anti-virus, anti-ransomware, and anti-malware software – While you are doing your automated updates for your apps and OS, you should also be using all of these different software options, too.
  • Consider using an integrated cyber protection solution – You want to choose an option that combines anti-ransomware, anti-virus, backup, patch management, and a vulnerability assessment all in a single solution. This type of solution increases efficiency, ease of use, and the reliability of your protection.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity and Personal Protection security awareness training program.

 

8 Scams That go Beyond Pandemics

/0 Comments/in , /by

As you might know, scammers often take advantage of people during times of trouble, such as in the current atmosphere of the COVID-19 pandemic. Here are some of the scams that you should be on the lookout for:

pandemicAccount Takeovers

This is a scam where the cybercriminals take credentials obtained from data breaches to take over accounts. They are also trying to reach out to kids to give up their account credentials, as they know most of them are out of school.

Phishing

There are a lot of phishing scams out there that are taking advantage of peoples’ fears about COVID-19 pandemic. Right now, the most prolific are coming out about the World Health Organization, WHO. Preying on fears is a common tactic that people use, and when people click on links in emails that look like they come from WHO, they can get access to your devices, collect private information, and even steal address books.

Vishing

This is a tactic that scammers use to get access to people’s back account information. The scammer informs people that there is something wrong with their bank account, and that they should call a number. When they do, it is a VoIP number, and the victim can unknowingly give up their personal information, including their banking information.

Smishing

A smishing attack is similar to a vishing account, except it uses SMS instead of emails or phone calls to lure in their victims. Most of these smishing attacks are focused on the coronavirus and have a sense of urgency to them.

Social Media Attacks

Social media attacks are looking pretty legit these days, and that’s why it’s easy to fall for them. Essentially, they look like a social media post from a real retailer who is giving something away.

Fake e-Commerce Sites

There are also a ton of new fake e-commerce sites popping up, most of them claiming to sell things like masks, gloves, and other COVID-19 related products.

Rogue Mobile Apps

Fake mobile apps are also on the rise, and when downloaded, these apps can install things like spyware, malware, and ransomware on the person’s device.

Work at Home Scams

Finally, we have work at home scams, which are becoming very popular due to so many people being out of work. Often, these scams make people lose more money than they could make.

Don’t be a Victim

Here are some tips that you can use to stop yourself from becoming a victim of these scams:

  • Don’t respond to any texts or calls from numbers you don’t know or that seem suspicious
  • Don’t share any financial or personal information via text, email, or on the phone.
  • Be careful if you are asked to share information or make an immediate payment.
  • Scammers might try to spoof numbers to trick people into answering. Remember, there are no government agencies that will ask you for money or personal info.
  • Don’t click on links that you get in text messages. If you get one from a friend, make sure it is legitimate before clicking on it.
  • Always check that a charity is real before making any type of donation.

These cybercriminals are poised to profit from this pandemic, and they are doing all they can to take advantage of people. So, it’s important that you use caution.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity and Personal Protection security awareness training program.

Working from Home Due to COVID-19? Protect Yourself from Cyberattacks

/0 Comments/in , /by

As we start to get used to living in a world where COVID-19 is changing everything, one of the differences that many have people are doing is working from home. With so many people now working on their home networks, cybercriminals are stepping up, and they are hoping to take advantage of people making security mistakes and doing more searches, specifically on COVID-19. This is a great opportunity for these thieves to target their victims.

COVID-19

Keep in mind that most people who are working from home are not working on a very secure network. Cyber attackers know this, and its important that both individuals and companies take the steps to protect themselves from COVID-19 and their information.

What Can Companies Do?

During this time, managers, owners, and supervisors should be setting clear expectations about how their businesses are going to work in these new environments. When these changes come down, they should come from the top. Here are some things to keep in mind:

  • You Must Understand the Threats – Business leaders should understand what threats are likely and prioritize protection methods based on that.
  • You Must Release Clear Guidance – It is also important that your organization’s at-home policies are easy to understand for all employees. This should include informing staff to communicate with security teams in the case of suspicious activity.
  • You Must Offer the Right Security – All business leaders should ensure that any company-owned devices are equipped with the best security capabilities. This includes the following:
    • The ability to connect securely to a business-owned cloud, and access to video teleconferencing apps that are important for remote workers.
    • Endpoint protection for all mobile devices and laptops including VPN tools and encryption.
    • Enforce the use of multi-factor authentication.
    • The ability to put a block on malware, exploits, and other threats using the best types of software and hardware.
    • A plan to filter any malicious domain URLS and stop any phishing attacks.

What Can Individuals Do?

People working from home should also take steps to ensure that they are remaining safe when working remotely.  Here are some things to do:

  • Create Strong Passwords – You should always create strong passwords and consider a password manager to facilitate multiple passwords opposed to the same passwords across multiple accounts.
  • Update Software and Systems – Install any system updates or patches as soon as you see them.
  • Make Sure Your Wi-Fi Access Point is Secure – Look at your Wi-Fi access point and make sure to change the passwords and default settings.
  • Use a VPN (Virtual Private Network) – A VPN is a good way to create a safe connection between a home computer and the worker’s organization.
  • Be Smart About COVID – 19 Scams – There are a ton of scams out there, including fake apps, so be smart.
  • Don’t Mix Work and Personal Tasks – Use your work device for your work and your personal device for personal tasks.

By taking these steps into consideration, either as a business leader or an employee, you can help to address some of the most common risks that you might face when working from home. Keep all of these tips in mind, and if something seems a little weird or strange, it’s probably best to report it to your company’s IT professional.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity and Personal Protection security awareness training program.

Cybercriminals are Stealing from you by Using these COVID-19 Scams

/0 Comments/in , /by

It is estimated that COVID-19 fraud has cost Americans more than $13 million, and it is rising. This comes from the US government.

The US Federal Trade Commission has added up the costs of all of these scams. They are looking from those that started from the 1st of January to the current week. What are these numbers made of? Mostly vacation and travel scams, as these have added up to $4.7 million lost. Online shopping scams are also out there, but they have only added up to $1.4 million.

The global spread of coronavirus has forced people to change the way they live, work, and even socialize. This is going to be the case for some time to come, and because of this, the cybercriminals have jumped onto the bandwagon, and they know…if they are lucky…this could be a lucrative thing for them.

These COVID-19 scams are definitely playing on the fears of the general public, and the goal of these cyber criminals is to get their targets to give them their personal information. Then, the bad guys use this information to commit fraud. In other words, they take money directly out of the hands of the people who need it the most.

What are the Tactics that People are Using to Hack Their Victims

There are a number of COVID-19 tactics that are being used to trick people into giving away their personal information, and in some cases, their hard-earned money.

Most of the tactics are combining phishing texts and emails with fake sites. Here are some of the things that are commonly found in a number of different languages:

  • Malware that is sent by “official” feeds, which are not really official. These include things like real time COVID-19 maps, which are actually meant to spread malware.
  • Messages that are offering an iPhone 11…for free…to help pass the time at home.
  • Messages offering payday loans to help people who are having problems with money.
  • Scams advertising products that are supposedly “cures” for COVID-19.
  • Coronavirus-themed domain names that seem to offer official information about the virus, but instead, simply spread viruses.
  • Emails from sources that show they are from WHO, the CDC, or even local governments.
  • Emails that ask for donations for COVID-19 research
  • Emails that look like they are coming from the government that have fake links allowing you to claim a tax refund.
  • People from the UK have reported getting fake emails saying they are from the BBC and the person’s TV license is expired. Then, they are asked to go to a website and update their details.
  • Phone calls are coming that are recorded and telling people that their broadband access will be cut off within 24 hours thanks to “illegal activity,” and the user must “press 1” to speak with a person to fix it. Once you are connected, they do all they can to get personal information from you.
  • Emails from people claiming to be “company officials,” that contain and attachment with the names of people within the organization that have tested positive for COVID-19.

No person nor industry is immune to this, so keep your eyes open and stay safe.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity and Personal Protection security awareness training program and the home security expert for Porch.com

Deepfakes and the Impact on Cybersecurity Now and in the Future

/0 Comments/in , /by

Can you believe what you see in a video? Most people say ‘yes,’ but the truth is, you no longer can. We all know that photos can be altered, but videos? Thanks to artificial intelligence, these, too, are being altered at a very quick rate.

These videos, known as “deepfakes,” are out there, and they are doing a number on cybersecurity. In fact, leaders in the cybersecurity sector are warning consumers that high tech video alteration is here, and it is very difficult to tell with the naked eye whether or not a video is real or fake.

Leaders in cybersecurity shared an example of how this works. Basically, they created a video of a man, Steve Grobman, an executive from McAfee, speaking. However, the words he was speaking were not his own; they were the words of Celeste Fralick, a female data scientist, who had created this deepfake video to make a point. This might seem like a fun trick to play on your friends, but in reality, it could have a huge impact on cybersecurity, as things like phishing and social engineering will become easier than ever for hackers.

Deepfakes and artificial intelligence can also be used for audio too. Meaning a person’s words can be spliced together seamlessly to create full sentences. Joe Rogan the comedian and podcaster who has 1300+ podcasts was used as a demo. But even more disturbing is Joe Rogans voice with Taylor Swifts face.

What could this mean for you? Well, since it’s so relatively easy to make a video like this, it could cause some real issues for the public. One way that it could be used is to start with a photo, and then change a very small part of it. This change would be unable to be noticed by a human, but the change would be enough for AI to see the photo as something else. So, if you can confuse something like artificial intelligence, you could certainly confuse the systems that are built to stop cybersecurity.

This could have a lot of negative impact on all of us, and it could really give a boost to those who make a living in taking advantage of others via cybercrimes.

The good news is that though this type of technology could be used for bad, artificial intelligence could also be used for good things. For example, the technology could be used to create a crime map of where crimes have happened and where arrests could be made, which would make our streets, safer. At the same time, it could also be used by criminals to know where they could commit a crime without being arrested. You could also look at it like this. During World War II, more than two million people were killed by bombs that were dropped from airplanes. Based on that information, Orville Wright, the inventor of the airplane, was asked if he regretted this invention. He said ‘no.’ Why? Because he looked at the airplane as similar as to fire; it could cause terrible destruction, but at the same time, it is so very useful. This new technology is the same, and it will be interesting to see how it comes to truly be used in the future.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

Want to be a Cybercriminal? Try Facebook

/0 Comments/in , , , /by

When you think of a cybercriminal, you probably picture someone in a black hoodie in a dark room on the dark web, but most cybercriminals are out there in plain sight, including on Facebook.

facebook security

Talos, a cybersecurity firm, found that people can easily join Facebook groups, and then participate in cybercrime including buying and selling credit card info, obtaining spamming tools, or even getting account logins and passwords. All in all, these groups have almost 400,000 members.

Though that does sound like a lot, and it is a lot, you also have to remember that Facebook has about 2 billion users logging into the site each month. With that number of people, it is difficult for the social media giant to deal with these groups.

The failure of Facebook to remove these cybercriminals shows that it is struggling to keep bad online behavior at bay, and this also include hate speech, inciting violence, and sharing false information. This also, of course, show how this behavior can be amplified by the algorithms that Facebook uses.

These groups are easy to find on Facebook. All you have to do is type things like CVV or spam. Once you join one of these groups, Facebook’s algorithms come into play and suggest other groups that are similar in nature. Plus, Facebook doesn’t have a great way to catch these criminals, as it relies on reports from other users to stop this type of behavior.

Because of this, Facebook really has a long way to go before it stops relying on the reports of its users. It’s also true that these reports aren’t always taken seriously, and they often fall through the cracks.

One such example of this is with the recent terrorist attack in Christchurch, New Zealand. The gunman who was responsible for the attack streamed his murderous act on Facebook Live. Though Facebook eventually took the video down, it was seen by thousands of people. However, Facebook said that it had no report of the video during the attack, which is why it took so long to remove it.

Knowing all of this, Talos tried to take on some of these crybercrime groups through the reporting system at Facebook. Some of these groups were, indeed, removed from the platform, but others were not. Instead, only specific posts were removed, while the group itself was able to live another day. Talos kept reporting these groups, however, and eventually, most of them were removed. However, new groups are now popping up to take the removed groups’ places. Facebook has acknowledged that there is a problem, and it admits that these groups have violated its policies. It also said that it knows that more vigilance is required and that it is investigating all types of criminal activity on the platform.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.