Application security, Threat Management, Network Security

Facebook rejects 82 more fake accounts, groups and pages allegedly linked to Iran

Two months after Facebook removed 652 inauthentic pages, groups and accounts for spreading misinformation and stoking political discord in other nations, Facebook announced on Friday that it banished another 82 offenders for the same reason.

Back in August, Facebook identified Iran and Russia as the chief culprits behind the fraudulent activity. This time around, Iran alone was singled out as the alleged perpetrator, with Facebook even noticing some overlap with the Iranian accounts that were eliminated two months earlier.

According to the social media giant, the malicious content primarily targeted users in the U.S. and UK, and consisted of 30 pages, 33 accounts, and three groups on Facebook, as well as 16 Instagram accounts. Generally, the page admins and account owners falsely represented themselves as U.S. or UK citizens, but a manual review showed they were actually based in Iran, Facebook reported.

Collectively, the phony Facebook and Instagram pages generated roughly 1.05 million followers, while the inauthentic groups managed to entice 25,000 account-holders to join. The postings typically contained content focusing on politically charged news topics such as race relations and immigration, and controversial public figures including President Donald Trump, U.S. Special Prosecutor Robert Mueller, Supreme Court Justice Brett Kavanaugh and former NFL star Colin Kaepernick. One sample post called Trump "the worst, most hated president in American history!"

"Our threat intelligence team first detected this activity one week ago. Given the elections, we took action as soon as we’d completed our initial investigation and shared the information with U.S. and UK government officials, US law enforcement, Congress, other technology companies and the Atlantic Council’s Digital Forensic Research Lab," wrote Nathaniel Gleicher, Facebook's head of cybersecurity policy, in a company blog post detailing the scams. "However, it’s still early days and while we have found no ties to the Iranian government, we can’t say for sure who is responsible."

In connection with this offending activity, Facebook also observed at least two ads -- one running in June 2016 and one running in January 2018 -- that cost less than $100 to purchase.

The company also spotted seven hosted events, scheduled between February 2016 and June 2018, which collectively drew interested from 110 people. "We cannot confirm whether any of these events actually occurred," blogged Gleicher. "Some appear to have been planned to occur only online. The themes are similar to the rest of the activity we have described."

Bradley Barth

As director of community content at CyberRisk Alliance, Bradley Barth develops content for SC Media online conferences and events, as well as video/multimedia projects. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.