Blog Layout

Facebook has deleted four planets’ worth of fake users – while real people struggle to get support

Sep 29, 2023

Thousands of users are expressing frustration on X or review sites, as Facebook’s fight against fake accounts affects innocent bystanders. In case your Facebook account gets hacked or disabled, prepare to be patient and persistent, as its recovery could take weeks without effective customer support, experts warn.

Facebook has deleted a staggering 27.67 billion fake accounts since October 2017, which is 3.5 times more than the total population of planet Earth. Facebook deletes hundreds of millions, sometimes more than a billion, fake accounts each quarter.

What’s behind those deletions, and how accurate are they? We couldn’t find out, as Meta’s media team has not responded to Cybernews inquiries.

The lack of responsive support is the same complaint that Facebook users have when their accounts are suspended, disabled, or even hacked.

Facebook has a user review rating of 1.5 stars on Trustpilot.com and 1.8 stars on pissedConsumer.com.

The generic search term “hacked” on X (Twitter) each day provides dozens of new different stories, such as this:

“My account is still hacked I don’t know why Facebook email support is not replying to my emails. It’s almost 15 days I’ve been trying to reach the Facebook support team, but no single reply from their side, Facebook support team is s***.“

Sure, even when combining all complaints on review websites or X, a few thousand unhappy users pale in comparison to Facebook’s three billion monthly active users. Yet, the experts confirmed to Cybernews that the problems are not a coincidence.

“Based on the consumer reviews, it appears that Meta’s handling of the user appeal process is inconsistent. Some users express frustration with their accounts being compromised and their appeals going unanswered or unresolved promptly. The lack of timely assistance in situations involving hacked accounts raises concerns about Meta’s customer support,” said CEO and Co-founder at PissedConsumer.com Michael Podolsky.

Additionally, as reported by CNBC , Meta’s two rounds of layoffs affected the company’s already poor customer service for users, influencers, communities, and businesses. Meta stopped its support feature in January for privileged users who manage popular Facebook communities and groups.

4-5% of fake accounts convert to deletions in the hundreds of millions

Facebook deleted 426 million fake accounts during the first quarter of the year. And that’s the lowest number in more than five years. In the previous two years, this number fluctuated between 1.3 billion and 1.8 billion per quarter.

“Fluctuations in enforcement metrics for fake accounts are expected due to the highly adversarial nature of this space,” Facebook writes in its report.

Facebook estimated that fake accounts represented approximately 4-5% of worldwide monthly active users (MAU) on Facebook during Q1 2023.

Sometimes real people get in the way: restoring the account may take weeks

Legitimate users on Facebook sometimes get caught up in the dragnet that’s intended to catch fake accounts, according to Marshal Davis, president and founder of marketing agency Ascendly Marketing, which also helps clients and influencers get their accounts back on Meta and other platforms.

“Meta’s appeal process is far from user-friendly, often leading to delays in account restoration. The lack of a streamlined communication channel exacerbates this issue. Users are left in the dark, unsure of the status of their appeals,” he said. “Restoring a disabled or hacked account is a lengthy process that can extend over several weeks.”

What complicates the matter is the absence of direct human support.

“Users should be prepared for a drawn-out, often frustrating experience,” Davis added.

False positives, according to him, occur frequently due to the limitations of Meta’s machine learning algorithms. Meta’s platforms are magnets for fake accounts due to their global accessibility, minimal entry barriers, and ease of account creation, as malicious actors use automated bots or human operators to create accounts for various malicious activities – including spam and disinformation.

“These algorithms often fail to understand the nuance and context behind user-generated content,” Davis said.

Sometimes this feature is abused by “Trolls”. As exposed by the UK government, the tactics the Kremlin used to gather support for Russia’s invasion of Ukraine included “a troll factory” utilized to spread disinformation on social media in a large-scale international campaign.

99,000 “pissed consumers” complained mainly about support

PissedConsumer.com shared some statistics on Facebook with Cybernews: Since 2015, the website’s users have posted a total of 99,000 reviews with an average 1.8-star rating.

As of September 2023, a total of 705,089 calls were made to Facebook’s customer service via the PissedConsumer review platform. Users claim to have suffered $100.2M losses in those reviews.

According to the firm, “Most commonly, consumers tend to contact Facebook customer service to ask questions about accounts, product or service, requests for information.”

Negative reviews often include “no customer service” and “getting hacked,” while positive ones mention “friends” and “family.”

CEO and Co-founder at PissedConsumer.com, Michael Podolsky, noted that challenges and issues with accounts often arise due to the automatic algorithms Meta uses for verification and reporting.

“Not every user problem can be resolved automatically, so consumers get stuck with their complaints because Facebook customer service fails to provide timely assistance. Another concern is Meta’s large user base which makes it difficult to enforce community rules thoroughly and respond timely to every complaint,” he said.

He noted that the most significant issue faced by Facebook users is the lack of customer service, which intensifies the root problems, such as hacked accounts, content policy violations, impersonation, scams, hate speech, privacy breaches, or other highlights by customers.

“Consumers usually count on an immediate response and assistance with their issues, but the reviews suggest that there’s room for improvement in Meta’s consumer support processes,” Podolsky asserted.

What to do if your account gets hacked or disabled?

Sometimes, Meta reacts on X (Twitter) to direct users in trouble. And their advice usually is:

“Hi, Name. Please visit our Help Center for account support: https://meta.com/help/.”

To that, some people responded with, “I have tried that, and no luck,” or “Your help center is zero help.”

It seems that there’s little else to do from there.

“The first thing users should do is to try Meta’s official support channels, such as the help center or customer support. We always strongly encourage consumers to voice their concerns with the companies publicly. Posting on Twitter (X) might get attention, but in the case of Meta, it isn’t a bulletproof solution. Meta’s dedicated support channels are more likely to provide direct assistance for account-related issues. However, keep in mind that response times and effectiveness may vary, so be patient and persistent when trying to resolve such issues,” Podolsky said.

Security Lapse by Microsoft Employees Exposes Internal Passwords

26 Apr, 2024
In continuation of Microsoft’s series of data security incidents, employees accidentally exposed internal data to the public. The leak exposed an unprotected Azure storage server containing code, scripts, and configuration files. Microsoft has announced that it has fixed a security breach that exposed internal company credentials and files to the open internet. The breach was first discovered by security researchers from cybersecurity firm SOC Radar. According to their report, an internal error resulted in an Azure storage server without password protection being given public access. The exposed data was primarily related to Microsoft’s Bing search engine, including configuration files, code, and scripts that employees used to access a range of internal systems and databases. Consequently, bad actors could identify and access locations for Microsoft's internal data. So far, it has not been made clear how long the data has been exposed. Anuj Mudaliar Assistant Editor - Tech, SWZD opens a new window opens a new window Anuj Mudaliar is a content development professional with a keen interest in emerging technologies, particularly advances in AI. As a tech editor for Spiceworks, Anuj covers many topics, including cloud, cybersecurity, emerging tech innovation, AI, and hardware. When not at work, he spends his time outdoors - trekking, camping, and stargazing. He is also interested in cooking and experiencing cuisine from around the world.

AT&T experienced data breach that impacted 51 million customers (No one is immune)

26 Apr, 2024
AT&T is notifying 51 million former and current customers, warning them of a data breach that exposed their personal information on a hacking forum. However, the company has still not disclosed how the data was obtained. These notifications are related to the recent leak of a massive amount of AT&T customer data on the Breach hacking forums that was offered for sale for $1 million in 2021. When threat actor ShinyHunters first listed the AT&T data for sale in 2021, the company told BleepingComputer that the collection did not belong to them and that their systems had not been breached. Last month, when another threat actor known as 'MajorNelson' leaked the entire dataset on the hacking forum, AT&T once again told BleepingComputer that the data did not originate from them and their systems were not breached. After BleepingComputer confirmed that the data belonged to AT&T and DirectTV accounts, and TechCrunch reported AT&T passcodes were in the data dump, AT&T finally confirmed that the data belonged to them. While the leak contained information for more than 70 million people, AT&T is now saying that it impacted a total of 51,226,382 customers. "The [exposed] information varied by individual and account, but may have included full name, email address, mailing address, phone number, social security number, date of birth, AT&T account number and AT&T passcode," reads the notification. "To the best of our knowledge, personal financial information and call history were not included. Based on our investigation to date, the data appears to be from June 2019 or earlier." BleepingComputer contacted AT&T as to why there is such a large difference in impacted customers and was told that some of the people had multiple accounts in the dataset. "We are sending a communication to each person whose sensitive personal information was included. Some people had more than one account in the dataset, and others did not have sensitive personal information," AT&T told BleepingComputer. The company has still not disclosed how the data was stolen and why it took them almost five years to confirm that it belonged to them and to alert customers. Furthermore, the company told the Maine Attorney General's Office that they first learned of the breach on March 26, 2024, yet BleepingComputer first contacted AT&T about it on March 17th and the information was for sale first in 2021. While it is likely too late, as the data has been privately circulating for years, AT&T is offering one year of identity theft protection and credit monitoring services through Experian, with instructions enclosed in the notices. The enrollment deadline was set to August 30, 2024, but exposed people should move much faster to protect themselves. Recipients are urged to stay vigilant, monitor their accounts and credit reports for suspicious activity, and treat unsolicited communications with elevated caution. For the admitted security lapse and the massive delay in verifying the data breach claims and informing affected customers accordingly, AT&T is facing multiple class-action lawsuits in the U.S. Considering that the data was stolen in 2021, cybercriminals have had ample opportunity to exploit the dataset and launch targeted attacks against exposed AT&T customers. However, the dataset has now been leaked to the broader cybercrime community, exponentially increasing the risk for former and current AT&T customers. Update 4/10/24: Added statement from AT&T about discrepancy in numbers. BILL TOULAS Bill Toulas is a tech writer and infosec news reporter with over a decade of experience working on various online publications, covering open-source, Linux, malware, data breach incidents, and hacks.

Home Depot Data Compromised Through Third-Party SaaS Misconfiguration

26 Apr, 2024
Home improvement retailer Home Depot confirmed with multiple publishers that it suffered a data break due to a third-party SaaS vendor inadvertently exposing a subset of employee data. IntelBroker, the threat actor behind the attack claims it has the information of 10,000 Home Depot employees. A Home Depot software vendor suffered a data breach leading to the compromise of an undisclosed number of employees. IntelBroker, the threat actor behind the attack claims it has the information of 10,000 Home Depot employees. Home improvement retailer Home Depot confirmed with multiple publishers that it suffered a data break due to a third-party software vendor inadvertently exposing a subset of employee data. Reportedly, the breach was caused by a misconfigured software-as-a-service (SaaS) application.
More Posts
Share by: