Meta’s social media platform Threads is becoming a hotspot for cybercriminal activity, with bad actors leaking sensitive credit card information, including names, birth dates, addresses, and more. 

The alarming twist

Meta’s algorithms inadvertently amplify this content across Threads, Instagram, and Facebook, exposing a broader audience to potentially fraudulent scams. Some posts redirect users to Telegram, promising further access to compromised data, a tactic likely to be a scam itself. Meta is aware of the issue and claims ongoing action, yet some accounts have been active for months.

Key Takeaways

• Data Exposure: Threads is being used to publish full credit card details and personal info, including SSNs and contact information.
• Platform Promotion: Meta's algorithms are unintentionally promoting these posts on Instagram and Facebook.
• Telegram Links: Scammers often link to Telegram groups for deeper involvement, where they reportedly charge users for "access" to data.
• Active Accounts: Despite Meta’s interventions, some accounts persist for months, suggesting limited enforcement effectiveness.
• Detection Avoidance: Cybercriminals may be diversifying platforms to avoid Telegram’s new crackdown.

Some Lessons Learned

• Algorithm Risks: Automated content promotion needs strict oversight, especially in detecting and flagging sensitive or harmful content.
• Cross-Platform Moderation: Meta must adopt proactive, synchronised moderation across platforms to effectively control malicious actors.
• User Education: Awareness initiatives could help users identify scams on social media, reducing engagement with dangerous content.

Threads, once promoted as a social media alternative, is facing a significant security challenge as cybercriminals exploit it for data leaks and scams. The issues underscore the importance of active moderation across digital platforms, as Meta works to mitigate the risks. Although action is ongoing, the persistence of these accounts highlights a need for enhanced strategies in automated content detection.

Source and further reading.

Irwin, K. (2024, October 29). Cybercriminals are leaking stolen credit card data on threads. PCMAG. https://www.pcmag.com/news/cybercriminals-leaking-stolen-credit-card-data-threads-instagram-facebook