Meta is sued for abetting fraud, and they don’t want you to know about it

In March, the Australian Competition and Consumer Commission (ACCC) started a proceeding against Facebook (now called Meta). They claim that Meta “engaged in false, misleading or deceptive conduct by publishing scam advertisements featuring prominent Australian public figures”.

The practice consists in buying advertisements on Facebook, often using a picture of a celebrity known for his wealth, and promising unrealistic gains to potential victims. When they click on an ad, users are redirected to a webpage that copies the branding of an established news outlet. The article on the page describes in some details the false “investment scheme” before asking users to “invest” – that is, to pay the scammers. The fraud works in particular because Facebook’s recommendation algorithms are very good at showing the ads to people who are likely to fall for the scam.

Below is an example of how the scam looks like. The advert’s copy claims that a billionaire “plans to launch guaranteed earnings in Australia”, which is false.

When users click on the ad, they are directed to a webpage that pretends to be from news.com.au, one of the country’s top news portal. A fake news report encourages users to invest in a new cryptocurrency.

Meta's defense

Meta filed a request asking that several documents pertaining to the ongoing case remain under seal. Andrew Forrest, an Australian billionaire whose name was used in such scams, is suing Meta in criminal court in a separate proceeding on the same issue. Meta argued that the documents in the case brought by the ACCC could unduly influence the jury of the criminal case. In a ruling on 9 September, a federal judge quashed Meta’s argument, only agreeing that a mysterious “Confidential Exhibit MM–10” and a memo remain unpublished.

“Applications [such as Meta’s] are not common but are often raised in high-profile cases”, Jeannie Paterson, professor at the Melbourne Law School and co-director of the Centre for AI and Digital Ethics, told AlgorithmWatch. “They are often rejected as courts tends to emphasize the value of open justice”, she added.

Meta may well continue to raise procedural arguments that slow down the litigation process, Ms Paterson said. “Meta may make substantive arguments that it did not relevantly know of the scam problem, or could not do anything about the scam problem and therefore that it is not responsible. Meta may rely on arguments about the capacity of its technology, such as arguing strongly that it does not have the technical capacity to detect and stop the misleading ads, and it may try to overwhelm the ACCC and the court with 'science' relating to its business.”

No date has yet been set for the hearings.

Global fraud

The Australian case is important because the scams are global. The methods described in the ACCC’s complaint match the modus operandi of scammers targeting victims across the world. This screenshot from Facebook’s Ad Library shows a single scammer advertising in 10 countries: France, Germany, Austria, Denmark, the Netherlands, Greece, Italy, Switzerland, Spain, and Australia.

A journalistic investigation by Radio-Canada showed in February that scammers manage to convince some victims to entrust them with all their savings, sometimes over a million euros. Overall, these scams could bring in several billions euros a year in revenue.

Very little is known about the criminal groups operating the scams. In 2019, a Buzzfeed investigation found that a scammer paid Facebook close to $45,000 in a single campaign (the scammer made almost $80,000 in revenue). Given that a scamming operation runs dozens, if not hundreds, of campaigns at a given time, the working capital requirement could be in the millions. Running crypto-scams on Facebook is not for small crooks, but for large mafia-like organizations.

Matching algorithm

What is certain is that crypto-scams rely on Meta’s infrastructure. As AlgorithmWatch showed in 2021, Facebook’s advertising system automatically “optimizes” the placement of ads, showing them to people who might find them “relevant”. Or, as a scammer put it in a quote to a Bloomberg journalist in 2018, “[Facebook’s algorithms] go out and find the morons for me”.

Meta never disclosed what steps they took to prevent scammers from advertising on their platforms, despite announcing in 2017 that they would address the issue. A 2019 investigation by AlgorithmWatch showed that it was very unlikely that Facebook invested much resources in the fight.

Gina Murphy, Head of Policy Communications, Australia & New Zealand at Facebook, told AlgorithmWatch that Meta “invest substantial resources to detect and prevent scams on [their] platforms”. She did not detail what those substantial resources were.

However, we do know what Meta does not do to detect scams. Google runs the “Safe Browsing” project, which includes a public list of webpages that are known to host scams. If you use Chrome or Firefox, your browser automatically checks that the webpage you are visiting is not on the list, and displays a huge warning if it is. The advert shown above, with its promise of guaranteed earnings by Tesla, directed users to a URL that was on that list. Either Meta did not check Google’s safe browsing lists, or it did and let the ad run anyway. Neither possibility is compatible with the claim that “Meta invests substantial resources to detect scams”.

Choke point

Scammers typically steal the credential of pages, sometimes from government officials or artists who have a “verified” badge on their Facebook page. In one case that AlgorithmWatch can document, the scammers sent an SMS to the victim asking to log in to Facebook, only to be directed to a “phishing” website which looked legitimate but actually sent the victim’s password to the scammer. Once in control of the page, scammers can run advertising campaigns. Given that Facebook claims to identify “political” content in ads and tends to err on the side of caution, flagging non-political ads as political, it is hard to understand how they are unable to detect ads that blare misleading slogans such as “plans to launch a guaranteed earning” and which are often identified as scams in the comments section below them.

If the ACCC succeeds in having an Australian judge ruling that Meta’s actions, or absence thereof, does indeed abet fraud, other prosecutors might follow suit. In Europe, taking action against Meta is currently not on the cards. The Center for Cybercrime of Bavaria, by far the most active German agency in the fight against crypto scams, sees no legal grounds for a possible prosecution. In France, the consumer commission and the financial regulator did mention social media as a key gateway for crypto crime in 2021, but failed to name Meta and did not return repeated requests for comment.