TAG Bulletin: Q3 2021
This bulletin includes coordinated influence operation campaigns terminated on our platforms in Q3 2021. It was last updated on August 31, 2021.
July
- We terminated 7 YouTube channels as part of our investigation into coordinated influence operations linked to Ukraine. This campaign uploaded content in Ukrainian and Russian that was supportive of Russia’s government and critical of the Ukrainian military. We received leads from FireEye that supported us in this investigation.
- We blocked 10 domains from eligibility to appear on Google News surfaces and Discover as part of our investigation into coordinated influence operations linked to Russia. This campaign uploaded content in Russian that was critical of Ukraine’s government and supportive of Russia.
- We terminated 2 YouTube channels as part of our investigation into coordinated influence operations linked to Iraq. This campaign uploaded content in Arabic that was supportive of Iran-backed militias and critical of the U.S. and its allies. Our findings are similar to findings reported by Facebook.
- We terminated 7 YouTube channels as part of our investigation into coordinated influence operations linked to Jordan. This campaign uploaded content in Arabic that was supportive of the Jordanian government and critical of its opposition. Our findings are similar to findings reported by Facebook.
- We terminated 15 YouTube channels as part of our investigation into coordinated influence operations linked to Algeria. This campaign uploaded content in Arabic that was supportive of the Algerian government and its military. Our findings are similar to findings reported by Facebook. We received leads from Graphika that supported us in this investigation.
- We terminated 6 YouTube channels as part of our investigation into coordinated influence operations linked to Mexico. This campaign uploaded content in Spanish that was critical of certain local politicians in Campeche, Mexico. Our findings are similar to findings reported by Facebook.
- We terminated 4 YouTube channels as part of our investigation into coordinated influence operations linked to Mexico. This campaign uploaded content in Spanish that was supportive of a member of the National Action Party). Our findings are similar to findings reported by Facebook.
- We terminated 16 YouTube channels and 1 ads account as part of our investigation into coordinated influence operations linked to Sudan. This campaign uploaded content in Arabic that was supportive of the Muslim Brotherhood and critical of the current Sudanese government. Our findings are similar to findings reported by Facebook.
- We terminated 850 YouTube channels as part of our ongoing investigation into coordinated influence operations linked to China. These channels mostly uploaded spammy content in Chinese about music, entertainment, and lifestyle. A very small subset uploaded content in Chinese and English about China’s COVID-19 vaccine efforts and social issues in the U.S. These findings are consistent with our previous reports.
I controlli di sicurezza di Instagram si beffano con 60 dollari: il ban-as-a-service
Credit: Motherboard. |
Motherboard ha pubblicato un’indagine sul fenomeno del ban-as-a-service: l’attività criminale di far bandire (o bannare) qualcuno da un social network usando l’inganno per indurre i gestori del social network a chiudergli l’account.
Nei bassifondi di Internet, infatti, esistono varie organizzazioni criminali che offrono questo servizio dietro pagamento. La tariffa è variabile e dipende dal numero dei follower del bersaglio, ma raramente supera i 60 dollari. E Instagram, uno dei mercati più fiorenti, spesso non protegge a sufficienza i propri utenti da questi attacchi, effettuati per dispetto, ripicca, rivalità, concorrenza, vendetta o estorsione.
Il ban-as-a-service opera in questo modo: il criminale crea un profilo identico a quello del bersaglio, copiandone la foto della bio e la descrizione. Ma crea questo profilo-clone usando un profilo verificato (uno di quelli con il bollino blu), che magari ha rubato a qualcuno.
Fatto questo, il criminale segnala a Instagram l’account della vittima, accusandola di essere un impostore. Instagram, invece di controllare come stanno le cose (per esempio guardando quale dei due account è stato creato prima o ha caricato di colpo tante foto e cambiato quelle preesistenti), banna l’account della vittima.
Non è l’unica tecnica: le altre sono descritte nell’articolo di Motherboard. Ma la cattiveria dei truffatori non si esaurisce qui. Infatti capita spesso che le vittime del ban vengano contattate prontamente da qualcuno che si offre di rimettere tutto a posto, ovviamente dietro compenso. E stavolta le cifre in gioco sono decisamente più alte: dai 3500 dollari in su.
Se la vittima usa il proprio account Instagram per lavoro, trovarselo bannato è un danno economico notevolissimo, per cui capita spesso che le cifre richieste vengano pagate. Guarda caso, chi si offre di ripristinare a pagamento è in combutta con chi ha effettuato il ban.
In casi come questi, non c’è password o autenticazione a due fattori che tenga, perché questo non è un furto di account, e spetta a Instagram investigare per capire come sono andate le cose e chi è il vero impostore. Non sempre lo fa, stando all’indagine di Motherboard. Se vi capita un problema di questo genere, non vi resta che consultare il Centro assistenza di Instagram, che ha una pagina apposita per il ripristino degli account disabilitati.