Facebook lured charities to its platform, then abandoned them once they got hacked


Originally published at: https://boingboing.net/2018/12/04/surveillance-charitism.html


This is tougher than it looks on the surface. The charity is hacked and tries to call tech support to get their account back OR hacker pretending to be the charity calls tech support to get their account stolen. The latter is the most common hacking technique. Figuring out which is the legitimate party is extremely difficult if the hackers are any good.

But on a broader point the whole Facebook charity thing seems to be pretty dubious on the surface. Literally anybody can set one up (I once clicked on a link by accident and Facebook nagged me for days to finish setting up the charity I’d started) and there is no apparent accountability. There is a reason PayPal doesn’t do charities like this anymore–it’s a hotbed for corruption. Every time there is a disaster somewhere in the world hundreds of “charities” will appear asking for donations to help the victims, donations that never make it anywhere near the disaster zone.

On a final point. Facebook, along with many other websites, offers two factor authentication. Set it up everywhere you can. It makes a hacker’s job much much harder when they’re trying to convince the CSR to reset your account password and email address. If there is a dispute over the custody of an account and one party has the second factor codes/device while the other does not the dispute will be over quickly.


Charities, like independent media outlets and academic institutions and other unwilling guests of Facebook and Twitter, would be great places to set up instances of distributed and federated FOSS alternatives for their users.


Interesting. How did charities solicit funds prior to the creation of Facebook?

Perhaps do that instead.


How do you vet a distributed entity though? How can you determine which are legitimate and which are fraudulent?


You don’t. Accountability is not the goal of my suggestion; promoting end-user adoption of these platforms is.

The idea is for established and trusted brands, for-profit and non-profit, to start their own Mastadon or Diaspora instances based on their existing reputations with their users/constituents/donors/etc. They get most of the benefits of being on Facebook or Twitter, but without becoming reliant on those platforms’ walled gardens and greedpig management decisions. The organisation or company owns and controls its presence in the social media federation.

Sure, a fake charity could set up its own instances, but then they can set up their own Web sites and (per your experience) Facebook groups. So you might as well ask your question about the sites and groups set up by those disaster bottom feeders. The answer is to check one of several charity-rating Web sites out there.

Here’s an earlier BB post on federated and distributed social media platforms:




Facebook lured charities to its platform, then abandoned them once they got hacked


“Facebook lured charities to its platform, then abandoned them once they got hacked”

well of course they did.

closed #10

This topic was automatically closed after 5 days. New replies are no longer allowed.