The mystery behind "free" fake 'likes' on Facebook solved
If you are on Facebook, you must have seen ads that offer you millions of likes for free. Ever wondered who are behind such scams, and how they do it? Researchers have unearthed "collusion networks" - systems which can rapidly generate likes. The service is free in terms of money, but actually comes at huge costs including the breach of privacy.
To get likes through "collusion networks", users have to allow third-party applications access to their profiles. These apps exploit the OAuth code: they end up using these "subscribing" users' accounts to harness likes for others. Researchers at the University of Iowa and Lahore University of Management Science in Pakistan have unearthed over 50 such sites, including Spotify, iMovie and the Playstation Network.
Why users would want more likes is simple: more the likes, higher the probability of posts to reach the top in search results/others' feeds, and thus more the power of influencing. However, access to such apps mean more than allowing them to just garner likes: "In addition to reputation manipulation, attackers can launch other serious attacks using leaked access tokens."
There's suspicion such networks had a role during the 2016 US elections, in which Russia is believed to have interfered to garner support for Donald Trump. However, there's no confirmation yet. In April, before the French elections, Facebook removed 30,000 accounts allegedly linked to Russia's influence operations. Facebook claims several fake Russia-based accounts had bought $100,000 in ads during and after the 2016 elections.
The whole operation, which was brought to Facebook's notice in May'16, is based on a security loophole. Facebook then said all collusion networks have been blocked, but CBS News claims to have tested one such network just last week and gathered dozens of likes on a fake account. Researcher Zubair Shafiq says Facebook even attempted to stop publication of the findings at one point.