Facebook

Facebook

A Las Vegas man called Spam King had faced federal fraud charges for allegedly luring Facebook users to third-party websites and collecting personal data for spam list.

He used to trick people into revealing their login details which he then used to access half a million accounts and used this to send spam to other Facebook users.

He also used to target the users with bogus "friend requests" for distributing spam.

Source: https://www.bbc.com/news/technology-34061931

TPRM report: https://scoringcyber.rankiteo.com/company/facebook

"id": "fac222223422",
"linkid": "facebook",
"type": "Cyber Attack",
"date": "08/2015",
"severity": "80",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': '500,000',
                        'industry': 'Technology',
                        'location': 'Global',
                        'name': 'Facebook',
                        'size': 'Large',
                        'type': 'Social Media Platform'}],
 'attack_vector': ['Phishing', 'Friend Requests'],
 'data_breach': {'number_of_records_exposed': '500,000',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': 'Personal Data, Login Details'},
 'description': 'A Las Vegas man called Spam King faced federal fraud charges '
                'for allegedly luring Facebook users to third-party websites '
                'and collecting personal data for spam list. He tricked people '
                'into revealing their login details which he then used to '
                'access half a million accounts and used this to send spam to '
                'other Facebook users. He also targeted the users with bogus '
                "'friend requests' for distributing spam.",
 'impact': {'data_compromised': 'Personal Data, Login Details',
            'identity_theft_risk': 'High',
            'systems_affected': 'Facebook Accounts'},
 'initial_access_broker': {'entry_point': 'Phishing, Friend Requests'},
 'motivation': 'Financial Gain, Data Collection',
 'post_incident_analysis': {'root_causes': 'Social Engineering'},
 'regulatory_compliance': {'legal_actions': 'Federal Fraud Charges'},
 'threat_actor': 'Spam King',
 'title': 'Spam King Cyber Incident',
 'type': 'Phishing, Unauthorized Access, Spam Distribution',
 'vulnerability_exploited': 'Social Engineering'}
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.