Just what are facebook upto?

Here’s a question.

In the last couple of weeks, I have noticed that Facebook, or somebody/thing at that company, is mysteriously creating multiple fake accounts on this forum - I would presume on others too.

The accounts are all created from the same IP which belongs to facebook’s networks in the Asia/Pacific region. They use avatars of celebrities or cartoons, for example, Idris Elba or Leighton Meester.

Two of the accounts are created with email addresses that are formed of long strings and belong to the tfbnw.net domain - registered to facebook - while another is a gmail account that references a ‘geogated project’.

They all signed up to FTT using facebook’s Single Sign-On solution. There is never any activity on these accounts, they register and then don’t come back.

I’m wondering, what gives? What are they up to? You expect to see random spam bots setting up fake accounts all over the web - but not one of the biggest tech companies on the planet.

4 Likes

Could it be somebody abusing the Facebook platform API somehow?

1 Like

Interestingly, the fake accounts all have associated facebook SSO logons… but you can’t find them in facebook itself.

I would have thought if it were an actual person using facebook for ‘odd’ purposes then the accounts would show up.

I’ve searched by name, username and email. They’re hidden/non-existent.

2 Likes

email abuse@facebook.com if it still works

The Facebook web crawler maybe.

1 Like

Facebook is still a thing?

1 Like

Yes, sadly.

5 Likes

We have the same problem. Nine accounts created with SSO from fake Facebook accounts since September, two with tfbnw.net domain names, and the others with geogatedprojectxxx gmail addresses. The names include English football StevieG StevieG, Serbian footballer Marko Peric and Croat kickboxer Luka Tomic, as well as Noelle Lim, Kalia Rain, Katarina Furbo, Alex Kim, Alex Lim, and Yoon Yura.

None of the accounts seem to have done anything, so I have no idea what they’re up to.

2 Likes

Very much so.

1.62 billion people on average log onto Facebook daily and are considered daily active users (Facebook DAU) for September 2019.

Does this include Messenger?

Does this include Messenger?

Good question, and it looks like it includes that and a lot more.

https://dealbook.nytimes.com/2012/02/06/those-millions-on-facebook-some-may-not-actually-visit/

" every time you press the “Like” button on NFL dot com, for example, you’re an “active user” of Facebook. Perhaps you share a Twitter message on your Facebook account? That would make you an active Facebook user, too. Have you ever shared music on Spotify with a friend? You’re an active Facebook user. If you’ve logged into [Huffington Post] using your Facebook account and left a comment on the site — and your comment was automatically shared on Facebook — you, too, are an “active user” even though you’ve never actually spent any time on facebook dot com."

2 Likes

I mean, Facebook is everywhere, so this is a low bar for “active”.

2 Likes

GeoGate is an opensource GPS/AIS tracking server framework, that enable easy integration of multiple GPS trackers in WEB applications. It provides data acquisition drivers for typical tracker devices or phone’s GPS apps. It handle multiple database backend, and support GeoJSON, AIS & NMEA encoding/decoding. It embed support for multiple classes of trackers, phone-apps, as well an NMEA & AIS simulator.

If you use Facebook login API and your website or app uses GPS, some manual checking seems to be done to manage the network of valid locations.
Search github for geogated project.

1 Like

Interesting spot, @Liam.

I wonder if Facebook is auditing sites that use Facebook login / Facebook API for breaches of T&Cs?

For some forums, Facebook would be systematically breaching forum T&Cs by creating these accounts.

I’ve just checked, and at least one of my forums has an account with a tfbnw email address

Edited to add:

The above explanation is somewhat reassuring.

2 Likes

Curiouser and curiouser. Why would they be using names of celebrities though (which would also seem to be against Facebook’s T&Cs)?

1 Like

Continuing this thread. We run a personal data application that has these login attempts roughly monthly. The email addresses are

geogatedproject345@gmail
geogatedproject343@gmail
geogatedproject1010@gmail

Continuing comments before, the tfbnw.net domain can be used by anyone creating a test account with facebook on one of their apps. So it could be easy for someone to create a fake alias in developer mode in Facebook then use that alias to gain access to sites through fake accounts. Doesn’t mean it is actually facebook that is running the tests.

Any other thoughts of people it could be? It definitely looks like an organised programme whoever is running it. Some sort of competitive intelligence product? Data mining?

It’s been months since the last time, but we just got two of them created 5 minutes apart. The email addresses are :
haoyvzprln_1594867556@tfbnw.net
geogatedproject330@gmail.com

They seem to have been created from the same IP address in Singapore, but I have no idea why.

I have the same here
3 emails registered in my app
Geogatedproje236@gmail.com
Phone No.
Geogatedproject225@gmail.comGeogatedproject294@gmail.com
It looks like fake accounts I don’t know if it belongs to Facebook or not

But the below emails i’m sure it belongs to Facebook they’re reviewing the app for business requests
kgaxqpnffw_1554153235@tfbnw.net
pazkqemcsi_1567409447@tfbnw.net-zzqcyenpys_1592799905@tfbnw.net

We’ve turned Facebook registration off, but just got an account created with email address geogatedproject75@gmail.com and username creedbratton.

It seems to have been created from an IP address in Ireland, though the location they entered was zip 10001, New York. Since there are a few steps involved in registering, I suspect someone must have registered manually.

I’ve sent them an email, which didn’t bounce for a change, but I’m not expecting a reply.

1 Like