Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Pirates of Charity: Exploring Donation-based Abuses in Social Media Platforms

Bhupendra Acharya, Dario Lazzaro, Antonio Emanuele Cinà, Thorsten Holz

TL;DR

This work addresses the rise of donation-based scams on social media by conducting the first large-scale, cross-platform analysis across X, Instagram, Telegram, YouTube, and Facebook. The authors collect data on approximately 152k accounts and 3.05 million posts, identify 832 scammers, and validate the financial impact through collaboration with PayPal and Chainabuse. The study introduces a three-part methodology—data collection, fraud filtration, and scam tracking—revealing pervasive use of external channels (emails, phones, URLs) and substantial cross-platform interlinking to 11 platforms and crowdfunding services. The findings motivate proactive detection and mitigation strategies for social platforms and payment services and establish a foundation for automated defense against fraudulent donation solicitation.

Abstract

With the widespread use of social media, organizations, and individuals use these platforms to raise funds and support causes. Unfortunately, this has led to the rise of scammers in soliciting fraudulent donations. In this study, we conduct a large-scale analysis of donation-based scams on social media platforms. More specifically, we studied profile creation and scam operation fraudulent donation solicitation on X, Instagram, Facebook, YouTube, and Telegram. By collecting data from 151,966 accounts and their 3,053,333 posts related to donations between March 2024 and May 2024, we identified 832 scammers using various techniques to deceive users into making fraudulent donations. Analyzing the fraud communication channels such as phone number, email, and external URL linked, we show that these scamming accounts perform various fraudulent donation schemes, including classic abuse such as fake fundraising website setup, crowdsourcing fundraising, and asking users to communicate via email, phone, and pay via various payment methods. Through collaboration with industry partners PayPal and cryptocurrency abuse database Chainabuse, we further validated the scams and measured the financial losses on these platforms. Our study highlights significant weaknesses in social media platforms' ability to protect users from fraudulent donations. Additionally, we recommended social media platforms, and financial services for taking proactive steps to block these fraudulent activities. Our study provides a foundation for the security community and researchers to automate detecting and mitigating fraudulent donation solicitation on social media platforms.

Pirates of Charity: Exploring Donation-based Abuses in Social Media Platforms

TL;DR

This work addresses the rise of donation-based scams on social media by conducting the first large-scale, cross-platform analysis across X, Instagram, Telegram, YouTube, and Facebook. The authors collect data on approximately 152k accounts and 3.05 million posts, identify 832 scammers, and validate the financial impact through collaboration with PayPal and Chainabuse. The study introduces a three-part methodology—data collection, fraud filtration, and scam tracking—revealing pervasive use of external channels (emails, phones, URLs) and substantial cross-platform interlinking to 11 platforms and crowdfunding services. The findings motivate proactive detection and mitigation strategies for social platforms and payment services and establish a foundation for automated defense against fraudulent donation solicitation.

Abstract

With the widespread use of social media, organizations, and individuals use these platforms to raise funds and support causes. Unfortunately, this has led to the rise of scammers in soliciting fraudulent donations. In this study, we conduct a large-scale analysis of donation-based scams on social media platforms. More specifically, we studied profile creation and scam operation fraudulent donation solicitation on X, Instagram, Facebook, YouTube, and Telegram. By collecting data from 151,966 accounts and their 3,053,333 posts related to donations between March 2024 and May 2024, we identified 832 scammers using various techniques to deceive users into making fraudulent donations. Analyzing the fraud communication channels such as phone number, email, and external URL linked, we show that these scamming accounts perform various fraudulent donation schemes, including classic abuse such as fake fundraising website setup, crowdsourcing fundraising, and asking users to communicate via email, phone, and pay via various payment methods. Through collaboration with industry partners PayPal and cryptocurrency abuse database Chainabuse, we further validated the scams and measured the financial losses on these platforms. Our study highlights significant weaknesses in social media platforms' ability to protect users from fraudulent donations. Additionally, we recommended social media platforms, and financial services for taking proactive steps to block these fraudulent activities. Our study provides a foundation for the security community and researchers to automate detecting and mitigating fraudulent donation solicitation on social media platforms.

Paper Structure

This paper contains 21 sections, 9 figures, 6 tables.

Table of Contents

  1. Introduction
  2. Related Work
  3. Evaluation Setup and Data Filtration
  4. Raw Dataset Aggregation
  5. Fraudulent Donation Filtration
  6. Pre-Processing on Raw Data
  7. Data Filtration and Labelling
  8. Tracking and Scam Analysis
  9. Scam Donation Abuse Overview
  10. Profile Content and Association
  11. Fraud Topologies: Anatomy of Fraudulent Donation Solicitations
  12. Evaluation of Scammer Profile Picture
  13. Sentiment Analysis of Public Comments
  14. Scammer Network Analysis
  15. Operation Beyond Originating Platform
  16. ...and 6 more sections

Figures (9)

  • Figure 1: Examples of Scamming Donation Support Request: The first two images \ref{['fig:ts_a']}, \ref{['fig:ts_b']} show the associated social media profile of the scamming donation on Facebook and Instagram social media platforms. The third image \ref{['fig:ts_c']} shows the associated external website asking for a donation to support and the last screenshot \ref{['fig:ts_d']} shows the risk engine evaluation from multiple anti-phishing engines (Antiy-AVL, CyRadar, Fortinet, Netcraft, AlphaMountain.ai and Forcepoint ThreatSeeker) indicating that the website is malicious or suspicious. The social media profiles can appear genuine, making it difficult to recognize the scam at first glance.
  • Figure 2: Evaluation Setup Design: An overview of our system, which consists of mainly three components: (i) Data Collection which performs automated donation-based keyword searches in five social media platforms, (ii) Scam Filtration which performs data filtration associated to donation soliciting fraudulent accounts, and (iii) Tracking and Scam Analysis which provides an evaluation of scammer's modes of operation and techniques.
  • Figure 3: Distribution of security risk engines flagged communication channels (email, phone number, and URLs) across social media platforms. In this pie chart, we show the total number of scamming channels that were flagged by security risk engines identified across five social media platforms, with 31% of the total communication channels accounting from the YouTube platform.
  • Figure 4: CDF Engagement and age of scammer profile from each of the social media platforms -- \ref{['fig:si_at']} shows the engagement of scammer via posts, \ref{['fig:si_ap']} shows the following count of scammers and \ref{['fig:si_ac']} shows the age of scammers based on profile creation date from each of the social media platforms that we studied.
  • Figure 5: System prompt for Llama-3. We instruct-tune Llama-3-8B to classify sentiment in Youtube users comments with a system prompt describing the task and two examples.
  • ...and 4 more figures