Security Experts:

Connect with us

Hi, what are you looking for?



Facebook Sues Chinese Company Over Ad Fraud

Facebook on Thursday filed suit in California against one organization and two individuals for engaging in ad fraud on the social media platform.

Facebook on Thursday filed suit in California against one organization and two individuals for engaging in ad fraud on the social media platform.

The defendants, Hong Kong-based ILikeAd Media International Company Ltd. and its employees, Chen Xiao Cong and Huang Tao, tricked Facebook users into installing malware that provided them with the ability to compromise people’s accounts.

Using the hijacked Facebook accounts, the defendants ran ads that promoted items such as counterfeit goods and diet pills.

Facebook filed the lawsuit to hold the Chinese company accountable for creating the malware, deceiving individuals into installing it, and then compromising people’s accounts to run the deceptive ads through them.

In some cases, the defendants used images of celebrities (“celeb bait”) to entice people into clicking on ads, the social platform says.

In other instances, they engaged in a practice known as cloaking, where they deliberately disguised the destination of the link in their ads. Specifically, the version of the ad’s landing page displayed to Facebook’s systems was different from the version delivered to Facebook users.

Cloaking schemes, the company explains, are often sophisticated and well organized, and holding the entities behind them accountable isn’t easy. Thus, there have been few legal actions taken against such schemes.

The social platform says it has refunded victims of this scheme and also helped them secure their accounts.

“To protect Facebook users and disrupt these types of schemes, we will continue our work to detect malicious behavior directed towards our platform and enforce against violations of our Terms and Policies,” the company also notes.

Related: Facebook Nixes Billions of Fake Accounts

Related: Facebook: Third-Party App Developers Improperly Accessed User Information

Related: Facebook Expands, Enhances Bug Bounty Programs

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.