Researchers track Facebook groups acting as 'online criminal flea markets'

An intelligence firm compiles a list of 74 groups that buy and sell stolen credit card information pretty much right out in the open.

Shelby Brown Editor II
Shelby Brown (she/her/hers) is an editor for CNET's services team. She covers tips and tricks for apps, operating systems and devices, as well as mobile gaming and Apple Arcade news. Shelby also oversees Tech Tips coverage. Before joining CNET, she covered app news for Download.com and served as a freelancer for Louisville.com.
  • She received the Renau Writing Scholarship in 2016 from the University of Louisville's communication department.
Shelby Brown

Some shady groups remain, despite Facebook's purge. 

SOPA Images/Getty Images

We're used to hearing about cybercriminals using hidden servers or dark web addresses to buy and sell their wares. But these scofflaws are going about their business pretty much right in the open, via Facebook groups, according to a report published Friday from Cisco Talos.

The intelligence firm discovered 74 Facebook groups that were buying and seling stolen credit card information and cybercrime tools. The groups, in total, had 385,000 members, according to Talos.

Talos said the groups were easy to find by searching "spam," "carding" or "CVV." If you join one or more of these groups, Facebook's algorithms would suggest more that are similar.

Facebook said it had reviewed the groups submitted by Talos, a majority of which were flagged in 2018, and removed the ones that violated its policies.

"These groups violated our policies against spam and financial fraud and we removed them," a spokesperson for Facebook said in an email. "We know we need to be more vigilant and we're investing heavily to fight this type of activity."

The social network says it's revoked privileges of the accounts that were running the nefarious groups so they can't make new ones. And it's continuing its investigation and removing groups, pages and accounts in violation. 

Talos, however, said while Facebook quickly took down the majority of the malicious groups, "new groups continue to pop up" and some were still active as of Friday.