With less than 20 friend requests, Facebook's AI detects phony accounts. Engineers explain SybilEdge, an algorithm that identifies bogus accounts that pass Facebook's anti-abuse filters upon registration but haven't friended enough people to sustain abuse, in a study featured today in a Facebook blog post. The company claims this is the first time such a system has been deployed on the site.
SybilEdge prevents people from creating multiple accounts with the same email address or phone number to make it easier for them to sign up for sites that require an account. It's also used by Facebook during security scans of its own network to identify suspicious activity—for example, when someone attempts to register hundreds of accounts in a short period of time.
In the case of the study described in the blog post, Facebook's engineers wrote a program that automatically generated thousands of accounts and tested them against SybilEdge. Most of the accounts didn't violate any other rules so they were allowed to stay registered on Facebook. But because they weren't given the opportunity to interact with others, they were identified by SybilEdge as potential spam accounts and deleted.
It's important to note that although these tests involved automated scripts, they still required judgment from humans before decisions could be made about account status. For example, if too many accounts were rejected, then the test would be stopped until more could be approved.
False accounts that look exactly like a user's genuine account are being put up to deceive the user's friends into accepting friend requests from the fake account, believing the new account was made by their buddy. In actuality, a fraudster may "clone" a Facebook account without ever logging in to it. They can do this by obtaining the details of an existing account, including its username and password. Then they can create a similar-looking account using those details as a template.
When a person clicks on the link in a message or email that takes them to a fake Facebook page, they usually see a warning not to accept the invitation because it could be harmful to their account. However, some people may not read these warnings or may even accept the invitation under the assumption that it is really from their friend. This could allow a fraudster to take over the account permanently by sending messages as the real user, adding friends, and changing other settings.
Facebook does try to stop people from falling for such tricks by requiring that all new accounts verify their identity with a phone number or email address. If someone tries to log in with a stolen email address or username, Facebook sends an email to the address listed in the original account asking for confirmation. The fraudster would need to find this email address before they could use it to log in as another person.
A Facebook bot is a computer program that is programmed to establish and manage a bogus Facebook account. A Facebook bot is fully automated software that creates a profile by harvesting photographs and information from other websites. Following the creation of a bogus profile, it spreads by friending other Facebook users. The bot can also send messages to its friends.
There are two ways in which a Facebook bot can be used: spam or hoaxes. A spam Facebook bot is designed to spread advertising messages or links as far and wide as possible. This may involve creating thousands of accounts and sending out messages with the aim of increasing the likelihood of some of them being opened. Hoax Facebook bots on the other hand, try to make people believe something false. For example, a hoax bot might create hundreds of accounts and post about a celebrity it doesn't actually know. The goal is for people to click on the link, read the story, and then be directed to another website where they will spend money.
Spamming and hoaxing are only two ways in which a Facebook bot can be used. There are many others, such as voting systems that use Facebook bots to generate ballot papers in elections around the world. It's important to note that all such programs have one thing in common - they are all done automatically by computers.
Facebook bots can be written in any language that can access the social network's API, but most do so in Python or PHP.
If you're a criminal, you should be cautious about who you friend on Facebook. Last week, a federal court decided that police enforcement can construct bogus social media personas in order to trawl through a suspect's account. The case involved an FBI agent who was looking into cyberstalking allegations against a former girlfriend. The agent created a false Facebook account in the name of "Brandon McQuarrie" and used it to send messages to the victim. When the victim responded, the agent would arrest her for cyberstalking.
This ruling allows law enforcement to engage in this type of activity so long as they don't post any material that would be considered slander or libel. Cyberstalking is defined as a type of harassment that uses electronic technology to torment someone else. This includes sending harassing emails and text messages, publishing derogatory information about them online, and even using software to monitor their activities without their knowledge.
There are two parts to this definition: harassment and electronic. Harassment can be done face-to-face, over the phone, or through other means of communication. Electronic means use computers and the Internet for harassment purposes. This includes sending emails, posting comments on social networking sites, and more.
The second part of the definition is important because it includes technologies that were not around when the statute was written (1992).
You may encounter bots at times, but you may also engage with actual humans. As far as we know, Facebook detects "false names" using three methods: Automated Systems (Bots), User Reports, and Facebook Investigators (actual employees at Facebook who go around deciding if a profile is fake or not). A profile will be marked as suspicious if it doesn't contain any other users or pages related to the account's owner.
In other words, if you use a fake name on Facebook, you might get banned by accident. There's no way to find out whether your account was suspended because of your failure to provide true information or because it was flagged as suspicious by a computer system.
Users can report suspicious accounts to Facebook via email or their website. If certain actions are taken on the reported page, such as changing back the name on the page, then Facebook will investigate further.
Investigators work with local law enforcement when necessary and try to identify people using fake profiles to steal personal information. They can also send messages to other users on the site if they think there's a risk of them being underage or vulnerable in some other way.
Finally, Facebook uses an automated system to search for registered trademarks that appear in the names of suspicious accounts. If it finds one, the account will be terminated immediately.