Facebook the Search Engine, and New Kinds of Fraud


Facebook is making moves to become a new, better search engine than Google.

Here’s how it works, as I understand it: Julie logs into Facebook to check on her friends. Then she goes off to browse the web looking for chocolates. When she comes to the Nimbar Chocolates website, she smiles because she likes their vanilla truffles. She notices there’s a little Facebook “Like” button so she clicks it.

Now Facebook knows that Julie “liked” Nimbar Chocolates. Once Facebook has a lot of “Like” data, they can start offering better search results for people who are similar to Julie (in principle). Nimbar Chocolates benefits from more exposure to people like Julie. It all sounds so wonderful.

Nimbar Chocolates gets a letter in the mail from Liketech Inc. who says they can get millions of people to click the “Like” button on their website. All they have to do is send them $100 US dollars for every 100,000 clicks. Gordon, the Head of Marketing for Nimbar Chocolates, decides to go for it and sends Liketech a cheque for $100 US dollars.

Now Liketech has $100 US dollars and they need to click 100,000 “Like” buttons. That’s one tenth of a cent per click, or $5 US dollars per 5000 clicks. Not many people are willing to work for so little pay. So how does Liketech do it?

1) Liketech has a “farm” of fake identities on Facebook. These fake Facebook profiles seem real. They have activity on Facebook that looks like it’s being generated by a real person, but it’s not. It’s all generated by software, automatically. A lot of it is just copies of stuff from other public Facebook profiles. Liketech gets a subset of those fake identies to click the “Like” button on the Nimbar Chocolates website.

2) Liketech has also teamed up with an identity theft group. That group steals Facebook username/password combinations and uses them to login as real people on Facebook, for the sole purpose of clicking on “Like” buttons. The identity theft group has so many username/password combinations that they only have to use any particular Facebook account about once per month. Most Facebook users don’t even notice, and most who do don’t care.

Yay, Nimbar Chocolates gets 100,000 “Like” clicks! They’re spread out over time, of course, with more clicks during the day than in the middle of the night (depending on the timezone of the identity doing the clicking).

The Facebook “Like” button incentivizes other kinds of fraud as well. For example, I could create a legitimate page about Nelkrupp Apple Crisps and let it accumulate “Like” clicks over time. Then, quietly, I could add stuff to that page which has nothing to do with Apple Crisps (e.g. pharmaceuticals to help men with ).

For all I know, these forms of fraud are already in play. I know I’ve gotten friend requests from people I’ve never heard of. Were they bots trying to get themselves connected to me (a real person) so as to appear real?

Facebook could help alleviate the second kind of fraud (username/password theft) by asking people to change their password on a regular basis. Yeah right, they may as well remind them to floss their teeth too!

Photo Credit: Papai noel (versão colorida) – trufas – chocolate + fondant byAna_Fuji on Flickr is licensed under a Creative Commons Attribution 2.0 license.

A friendly human.

4 thoughts on “Facebook the Search Engine, and New Kinds of Fraud

  1. I have, but very rarely use, two Facebook accounts – one for those people who know me in atomic space only, one for eSpace only. No cross over… Save my parts have friended each other.I was amused rather than concerned to find I’d suggested a friend to myself!Whether that’s Facebook playing games, identity theft or something else I don’t know but it’s clearly not 100% legit and was easy for me to spot in the circumstances.


  2. In general a Facebook profile will evolve to become similar to a person’s digital passport inside and out of Facebook.It is in Facebook’s interest to ensure there are no fake passports (facebook accounts). Of course people/robots will create fake ones, and Facebook will try to stamp it out. There will be a continuous arms race of fake-vs-real, just like similar past/ongoing arms races in credit card identity, email identity, etc. If/when our Facebook identity is compromised, will Facebook be generous about fixing it, the way that credit card companies are? There are good reasons to be skeptical.


  3. Category k-means recommendation-based search? If you look at Technorati’s search interface, or PubMed, the problems with that may become apparent. I’d rather have a stable ranking algorithm. I guess I don’t mind search assuming that I only read English, but that too shall pass, I hope.


  4. Facebook already allows people to use names other than their real name for their Facebook account. It might be against their Terms of Service, but they let it slide. I’m particularly aware of this because many of my friends from Second Life use their Second Life Name to identify on Facebook.I’ve also heard that many young people create multiple Facebook accounts, for example, one for them to interact with their real friends, and one for interacting with parents and family.


Comments are closed.