Hackers Use Facebook’s Link Preview to Steal Data

Facebook is undoubtedly one of the most popular social networks and one of those with the most users worldwide. For this reason, when a new threat appears that can compromise the security and privacy of its users, many people can be affected. In this article we cover a report on how hackers are using Facebook's link preview to extract data from websites.

They use the Facebook link preview to extract data

Hackers are using Facebook's link preview feature to extract data from websites. They do this by using the social network's API servers as a proxy, which lets them avoid being blacklisted.

This technique consists of using Facebook developer accounts to make calls to the API servers of the social network or of its messaging program, Facebook Messenger. The calls request a link preview for the pages of a site from which they want to extract information.

Facebook fetches the data, renders it as a link preview, and returns it to the groups making the requests as an API response, ready to be added to their database.

According to the security researchers behind this report, the process has been successful because most website operators allow Facebook's servers to crawl their sites. They do so because they know that the data Facebook collects from their pages is generally used for legitimate purposes, as part of link previews on the social network, Facebook Messenger, WhatsApp or Instagram.

Several groups have used this technique

The problem is that, as we can see, different groups have used this technique to collect information from those sites. The report was produced by DataDome, a computer security firm that offers bot detection capabilities, which has now discovered that this Facebook feature can be abused.

DataDome says it has identified different groups, but it mainly detected the activity at a client that runs a classified ads portal. They discovered certain parameters that would be used by bots rather than by humans. These included URLs of classifieds site pages that users would not normally share on Facebook frequently, as well as search results pages, an indication that someone was collecting information from the classifieds site in search of recent posts.

Testing by the DataDome team confirmed the effectiveness of the technique and found that data mining groups could abuse this feature to retrieve link previews of up to 10,000 URLs every hour from a single Facebook developer account.
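As an added example (not code from DataDome or from the original article), the two signals described above, link previews requested for search-result pages and a high hourly volume of preview fetches, can be checked against a web server access log. The log lines are constructed, and the `/search` path prefix, the hourly limit of 3 and the function names are assumptions; `facebookexternalhit` is the user-agent token of Facebook's link-preview crawler.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

FB_CRAWLER = "facebookexternalhit"  # UA token of Facebook's link-preview crawler
LINE_RE = re.compile(  # combined log format
    r'^\S+ \S+ \S+ \[(?P<day>[^:]+):(?P<hour>\d{2}):[^\]]+\] '
    r'"(?:GET|HEAD) (?P<url>\S+) [^"]*" \d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)

def preview_fetch_report(log_text, search_prefixes=("/search",), hourly_limit=3):
    """Map each suspicious hour to the reasons its preview fetches look automated."""
    total, search_hits = Counter(), Counter()
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or FB_CRAWLER not in m["ua"].lower():
            continue  # unparsable line, or not a link-preview fetch
        hour = f'{m["day"]} {m["hour"]}:00'
        total[hour] += 1
        # Search-result pages are rarely shared by people, so previews of them stand out.
        if urlsplit(m["url"]).path.startswith(tuple(search_prefixes)):
            search_hits[hour] += 1
    report = {}
    for hour, count in total.items():
        reasons = []
        if count > hourly_limit:  # assumed demo limit; tune to the site's baseline
            reasons.append(f"{count} preview fetches (limit {hourly_limit})")
        if search_hits[hour]:
            reasons.append(f"{search_hits[hour]} search-result pages previewed")
        if reasons:
            report[hour] = reasons
    return report

# Constructed sample data: documentation-range IP, made-up paths and timestamps.
FB_UA = "facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php)"
def _line(ts, url, ua=FB_UA):
    return f'203.0.113.10 - - [{ts} +0000] "GET {url} HTTP/1.1" 200 5120 "-" "{ua}"'

SAMPLE_LOG = "\n".join([
    _line("12/Mar/2020:10:01:02", "/search?q=bike&sort=newest"),
    _line("12/Mar/2020:10:03:10", "/search?q=sofa&sort=newest"),
    _line("12/Mar/2020:10:05:00", "/ad/1001"),
    _line("12/Mar/2020:10:06:00", "/ad/1002"),
    _line("12/Mar/2020:10:07:00", "/search?q=bike", ua="Mozilla/5.0"),  # a browser
    _line("12/Mar/2020:11:15:00", "/ad/1003"),  # a single ordinary share
])

if __name__ == "__main__":
    for hour, reasons in preview_fetch_report(SAMPLE_LOG).items():
        print(hour, "->", "; ".join(reasons))
```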

They also indicate that they reported this problem to the social network, and that Facebook has worked to make this process more difficult by rate limiting the API, so as to prevent information from being collected in this way.