Meta Platforms Inc., the parent company of Facebook, Instagram, and WhatsApp, has removed 63,000 accounts associated with the notorious “Yahoo Boys” scam group, the company announced in its Q1 2024 Adversarial Threat Report on Wednesday.
The accounts, deleted over the past few weeks, were used for financial sextortion scams and distributing blackmail scripts. Meta reported that a smaller network of 2,500 accounts, linked to around 20 individuals, primarily targeted adult men in the United States using fake identities.
Meta stated it identified and disabled these accounts through a combination of advanced technical signals and comprehensive investigations, enhancing its automated detection systems.
“Financial sextortion is a borderless crime, fueled in recent years by the increased activity of Yahoo Boys, loosely organized cybercriminals operating largely out of Nigeria that specialize in different types of scams,” the social media giant explained.
Meta further elaborated, “We’ve removed around 63,000 accounts in Nigeria attempting to target people with financial sextortion scams, including a coordinated network of around 2,500 accounts.”
Additionally, the company has taken down several Facebook accounts, Pages, and groups run by the Yahoo Boys. These were banned under Meta’s Dangerous Organizations and Individuals policy for attempting to organize, recruit, and train new scammers.
During the investigation, Meta found that while most scammers’ attempts were unsuccessful, some had targeted minors. These cases were reported to the National Center for Missing and Exploited Children (NCMEC).
Meta has also shared information with other tech companies through the Tech Coalition’s Lantern program to help curb these scams across platforms. The company revealed it removed around 7,200 assets in Nigeria, including 1,300 Facebook accounts, 200 pages, and 5,700 groups that were providing scam-related resources.
These assets were found offering scripts and guides for scams and sharing links to collections of photos for creating fake accounts. Meta explained that since this disruption, its systems have been actively blocking attempts from these groups to return, continually improving their detection capabilities.
The company has been working closely with law enforcement, supporting investigations and prosecutions by responding to legal requests and alerting authorities to imminent threats.
Beyond account removal, Meta emphasized its broader efforts, stating, “We also fund and support NCMEC and the International Justice Mission to run Project Boost, a program that trains law enforcement agencies around the world in processing and acting on NCMEC reports. We’ve conducted several training sessions so far, including in Nigeria and the Cote d’Ivoire, with our most recent session taking place just last month.”
To protect users, especially teens, Meta has implemented stricter messaging settings for users under 16 (under 18 in certain countries) and displays safety notices to encourage cautious behavior online.
In a related development, Meta was fined $220 million last week by Nigeria’s Federal Competition and Consumer Protection Commission (FCCPC) for multiple violations of data protection laws linked to WhatsApp.
The investigation, initiated in May 2021, found that Meta’s privacy policies infringed on users’ rights, including unauthorized data sharing and discriminatory practices.
Meta plans to appeal the decision, arguing that it disagrees with the findings and the imposed penalty. The FCCPC aims to ensure fair treatment of Nigerian users and compliance with local regulations.