Combating E-Commerce Scams and Account Takeover Attacks

By Jessica Romero, Director of Platform Enforcement and Litigation

Update on December 30, 2021 at 11:35AM PT:

Today, we filed another legal action against a group in Vietnam responsible for account takeover attacks. The defendants targeted the accounts of employees of marketing companies and tricked the victims into self-compromising their accounts by installing malicious software that was deceptively promoted as Facebook-affiliated tools for managing ads. Once installed, the malicious software was programmed to collect information through a technique known as “session or cookie hijacking.” The defendants then used the accounts to run ads without the victims’ knowledge or consent. Facebook has reimbursed the victims for the unauthorized ads, which resulted in over $16 million in losses, and helped them secure their accounts. The malicious software has also been removed from online sources.

Originally published on June 29, 2021 at 11:00AM PT:

As part of our ongoing efforts to keep people safe and combat abuse of our ad platform, we filed two separate legal actions today against the perpetrators of online scams who violated our Terms and Advertising Policies.   

In the first case, the defendants are a California marketing company and its agents responsible for a bait-and-switch advertising scheme on Facebook. In the second case, the defendants are a group of individuals located in Vietnam who got users to self-compromise their Facebook accounts and ran millions of dollars of unauthorized ads. 

Combating Ad Scams

Our first lawsuit is against N&J USA Incorporated, Mohit Melwani, and Vishaal Melwani, who ran deceptive ads on Facebook that promoted the sale of merchandise such as clothing, watches and toys. When someone clicked on one of these ads, they were redirected to third-party e-commerce websites to complete their purchase. After paying for an item, users either never received anything or received merchandise that was different or of a lesser quality than what had been advertised. 

In an effort to conceal their bait-and-switch scheme on Facebook, the defendants blocked and concealed user complaints and negative reviews on their Facebook Pages. Facebook previously disabled several of the defendants’ accounts and Pages. This action is one of Facebook’s first lawsuits against this type of bait-and-switch scheme and builds on our prior actions against e-commerce abuse.

Disrupting Account Takeover Attacks

The second suit is against four individuals residing in Vietnam, who used a technique known as “session theft” or “cookie theft” to compromise accounts of employees of advertising and marketing agencies and then ran unauthorized ads. The defendants misled the victims into self-compromising their accounts by installing a mobile app from the Google Play Store deceptively called “Ad Manager for Facebook.” This app, which has since been removed from the Play store, was created by the defendants and prompted users to share their Facebook login credentials and other information, which was then used to access their Facebook accounts and run ads. In some cases, these ads also promoted online scams. The group ran over $36 million in unauthorized ads. In this case, Facebook refunded the victims and helped them secure their accounts.

The suit seeks to expose the full conduct of Thêm Hữu Nguyễn, Lê Khang, Nguyễn Quốc Bảo and Pham Hữu Dung’s and hold them accountable for creating the app, tricking people into installing it, compromising people’s Facebook accounts and then using those accounts to run deceptive ads. This is our second lawsuit against an account takeover attack.

Today’s legal actions demonstrate our ongoing commitment to protecting users, enforcing our policies and holding people accountable for abusing our services.

To help personalize content, tailor and measure ads, and provide a safer experience, we use cookies. By clicking or navigating the site, you agree to allow our collection of information on and off Facebook through cookies. Learn more, including about available controls: Cookie Policy