Cambridge Analytica was caught tampering with elections by exploiting Facebook, but chances are that this is the tip of the iceberg, and that many others, including scammers and ID thieves, are also exploiting Facebook and other social networks. One way that they do this is as follows.
Cambridge Analytica website (front page) - www.cambridgeanalytica.org
The Facebook Hacking Algorithm
This is how bad guys collect data about million of profiles, on Facebook:
Also, scammers use dozens if not hundreds of IP addresses to create these numerous fake accounts. They do it by recruiting an army of drone workers paid peanuts, or via a Botnet, or recycled or non-static IP addresses, or proxy servers. The smartest ones might even use computer viruses to create Facebook accounts in the background on your hijacked computer (thus via your IP address), without you being aware of it. You may not notice it until your own (real) Facebook account gets blocked for no apparent reason.
What can you and Facebook do for protection?
One way to protect yourself is to not share too much information with your friends, and not accepting friend requests from people that you don't know. If a scammer has access to your date of birth, it could be the only information missing (he already has you social security number from other sources) to hijack your ID. If he knows when you are out of town and that you live alone, it will help him schedule a successful burglary.
Since many naive people will always accept friendship from strangers (for instance hoping to develop a new romance, or to appear more popular) an easy way for Facebook to reduce the risks is, each time a user is about to accept a new friendship, Facebook should use this trick: You must answer an automatically generated question about your new potential friend, such as the country of residence. This way, it will force you to at least look at the profile in question, rather than blindly accept friendship. And by looking at the profile in question (and his friends -- many of his friends are probably other fake profiles that he created,) it will be obvious that he/she is fake.
Another solution is for Facebook to create dormant fake profiles. I did some tests myself, and any time you create a new profile (someone that does not even exist) you immediately get many friend requests from strangers (fake profiles too.) In some way it is kind of funny, fake profiles interacting with other fake profiles, but for Facebook, it is an easy solution to go fishing after scammers.
Did you know that there are more US Facebook profiles than there are US residents? If one cell phone number was attached to each profile (a one-to-one mapping), I am wondering how many US Facebook profiles would be left. Of cause, scammers use a bunch of temporary cell phone numbers, so this would not fix everything. Some of the profiles are duplicate, as many real members experience problems (being flagged by Facebook) for no reasons, as Facebook monitoring algorithms currently generate many false positives (as well as many false negatives.)
False positives on Facebook
Recently, Facebook has been very aggressive at banning as much content as they can. At the same time, the number of false positives is exploding. I think this is not a glitch in their data science algorithms, but rather, legal pressure. The result is a lot of false positives, and revenue loss for Facebook. Over time, they will fix it, but for now, it looks like the Wild West. Below are a few examples.
Ad rejected by Facebook, official reason: too much text in the picture
Counter example (false negative): This guy has many fake friends (disguised escort girls) trying to befriend me, but this seems to be OK with Facebook. Maybe connected to Cambridge Analytica?
Example of John Pierce's fake friends -- If you click her profile picture, you will see pornography.
I wrote about this in the past, and it is just getting worse. See here for a recent article on this topic.