Facebook sponsored posts selling access to hacked PayPal accounts

Graham Cluley

Facebook ads selling access to PayPal accounts

Facebook ads selling access to PayPal accounts

Have you ever been curious just how much vetting Facebook does before it accepts cash for an ad or a sponsored post?

Judging by what’s popping up in some users’ newsfeeds, the answer is not that much.

Take this sponsored post, for instance, which promotes a website that sells access to hacked PayPal accounts.

Paypal facebook sponsored ad 500

The website promoted by the sponsored post appears to be Russian in origin, and will charge you different amounts depending on how much money is sitting in the hacked PayPal account:

For a mere $30, you can buy access to a PayPal account with a balance of between $90-$130. $70 will get you someone else’s PayPal wallet with between $330-$400, and if you are prepared to give the website owners’ as much as $470 you are promised access to a hacked PayPal account containing over $2000.

Oh, and if the ad is to be believed you will receive an extra PayPal wallet thrown in for free as part of the deal.

The website claims that the PayPal accounts are “100% valid”, and are not protected by SMS-based two-factor authentication (2FA).

Of course, don’t forget that you are buying something from people who have demonstrated they have no problem with criminality, so don’t be surprised if they rip you off too.

Facebook isn’t doing a good enough job of cleaning up its social network of obviously dodgy sponsored ads, presumably paid for with stolen funds.


If you’re thinking of leaving Facebook, why not listen to this “Smashing Security” podcast we recorded:

Smashing Security #75: 'Quitting Facebook'

Listen on Apple Podcasts | Google Podcasts | Other... | RSS
More episodes...

Graham Cluley Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.
Never miss a thing. Sign up for the free GCHQ newsletter from Graham Cluley.
GET EMAIL UPDATES