Have you ever been curious just how much vetting Facebook does before it accepts cash for an ad or a sponsored post?
Judging by what’s popping up in some users’ newsfeeds, the answer is not that much.
Take this sponsored post, for instance, which promotes a website that sells access to hacked PayPal accounts.
The website promoted by the sponsored post appears to be Russian in origin, and will charge you different amounts depending on how much money is sitting in the hacked PayPal account:
For a mere $30, you can buy access to a PayPal account with a balance of between $90-$130. $70 will get you someone else’s PayPal wallet with between $330-$400, and if you are prepared to give the website owners’ as much as $470 you are promised access to a hacked PayPal account containing over $2000.
Oh, and if the ad is to be believed you will receive an extra PayPal wallet thrown in for free as part of the deal.
The website claims that the PayPal accounts are “100% valid”, and are not protected by SMS-based two-factor authentication (2FA).
Of course, don’t forget that you are buying something from people who have demonstrated they have no problem with criminality, so don’t be surprised if they rip you off too.
Facebook isn’t doing a good enough job of cleaning up its social network of obviously dodgy sponsored ads, presumably paid for with stolen funds.
If you’re thinking of leaving Facebook, why not listen to this “Smashing Security” podcast we recorded:
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.