Log in
Today's links
- Facebook's fraud files: 10% of gross ad revenue coming from fraudulent ads.
- Hey look at this: Delights to delectate.
- Object permanence: FOIA for Theresa May; Paid patriotism; Antiusurpation.
- Upcoming appearances: Where to find me.
- Recent appearances: Where I've been.
- Latest books: You keep readin' em, I'll keep writin' 'em.
- Upcoming books: Like I said, I'll keep writin' 'em.
- Colophon: All the rest.
Facebook's fraud files (permalink)
A blockbuster Reuters report by Jeff Horwitz analyzes leaked internal documents that reveal that: 10% of Meta's gross revenue comes from ads for fraudulent goods and scams, and; the company knows it, and; they decided not to do anything about it, because; the fines for facilitating this life-destroying fraud are far less than the expected revenue from helping to destroy its users' lives:
The crux of the enshittification hypothesis is that companies deliberately degrade their products and services to benefit themselves at your expense because they can. An enshittogenic policy environment that rewards cheating, spying and monopolization will inevitably give rise to cheating, spying monopolists:
https://pluralistic.net/2025/09/10/say-their-names/#object-permanence
You couldn't ask for a better example than Reuters' Facebook Fraud Files. The topline description hardly does this scandal justice. Meta's depravity and greed in the face of truly horrifying fraud and scams on its platform is breathtaking.
Here's some details: first, the company's own figures estimate that they are delivering 15 billion scam ads every single day, which generate $7 billion in revenue every year. Despite its own automatic systems flagging the advertisers behind these scams, Meta does not terminate their account – rather, it charges them more money as a "disincentive." In other words, fraudulent ads are more profitable for Meta than non-scam ads.
Meta's own internal memos also acknowledge that they help scammers automatically target their most vulnerable users: if a user clicks on a scam, the automated ad-targeting system floods that user's feed with more scams. The company knows that the global fraud economy is totally dependent on Meta, with one third of all US scams going through Facebook (in the UK, the figure is 54% of all "payment-related scam losses"). Meta also concludes that it is uniquely hospitable to scammers, with one internal 2025 memo revealing the company's conclusion that "It is easier to advertise scams on Meta platforms than Google."
Internally, Meta has made plans to reduce the fraud on the platform, but the effort is being slow-walked because the company estimates that the most it will ultimately pay in fines worldwide ads up to $1 billion, while it currently books $7 billion/year in revenue from fraud. The memo announcing the anti-fraud effort concludes that scam revenue dwarfs "the cost of any regulatory settlement involving scam ads." Another memo concludes that the company will not take any pro-active measures to fight fraud, and will only fight fraud in response to regulatory action.
Meta's anti-fraud team operates under an internal quota system that limits how many scam ads they are allowed to fight. A Feb 2025 memo states that the anti-fraud team is only allowed to take measures that will reduce ad revenue by 0.15% ($135m) – even though Meta's own estimate is that scam ads generate $7 billion per year for the company. The manager in charge of the program warns their underlings that "We have specific revenue guardrails."
What does Meta fraud look like? One example cited by Reuters is the company's discovery of a "six-figure network of accounts" that impersonated US military personnel, who attempted to trick other Meta users sending them money. Reuters also describes "a torrent of fake accounts pretending to be celebrities or represent major consumer brands" in order to steal Meta users' money.
Another common form of fraud is "sextortion" scams. That's when someone acquires your nude images and threatens to publish them unless you pay them money and/or perform more sexual acts on camera for them. These scams disproportionately target teenagers and have led to children committing suicide:
In 2022, a Meta manager sent a memo complaining about a "lack of investment" in fraud-fighting systems. The company had classed this kind of fraud as a "low severity" problem and was deliberately starving enforcement efforts of resources.
This only got worse in the years that followed, when Meta engaged in mass layoffs from the anti-fraud side of the business in order to free up capital to work on perpetrating a different kind of scam – the mass investor frauds of metaverse and AI:
https://pluralistic.net/2025/05/07/rah-rah-rasputin/#credulous-dolts
These layoffs sometimes led to whole departments being shuttered. For example, in 2023, the entire team that handled "advertiser concerns about brand-rights issues" was fired. Meanwhile, Meta's metaverse and AI divisions were given priority over the company's resources, to the extent that safety teams were ordered to stop making any demanding use of company infrastructure, ordered instead to operate so minimally that they were merely "keeping the lights on."
Those safety teams, meanwhile, were receiving about 10,000 valid fraud reports from users every week, but were – by their own reckoning – ignoring or incorrectly rejecting 96% of them. The company responded to this revelation by vowing to reduce the share of valid fraud reports that it ignored to a mere 75% by 2023.
When Meta roundfiles and wontfixes valid fraud reports, Meta users lose everything. Reuters reports out the case of a Canadian air force recruiter whose account was taken over by fraudsters. Despite the victim repeatedly reporting the account takeover to Meta, the company didn't act on any of these reports. The scammers who controlled the account started to impersonate the victim to her trusted contacts, shilling crypto scams, claiming that she had bought land for a dream home with her crypto gains.
While Meta did nothing, the victim's friends lost everything. One colleague, Mike Lavery, was taken for CAD40,000 by the scammers. He told Reuters, "I thought I was talking to a trusted friend who has a really good reputation. Because of that, my guard was down." Four other colleagues were also scammed.
The person whose account had been stolen begged her friends to report the fraud to Meta. They sent hundreds of reports to the company, which ignored them all – even the ones she got the Royal Canadian Mounted Police to deliver to Meta's Canadian anti-fraud contact.
Meta calls this kind of scam, where scammers impersonate users, "organic," differentiating it from scam ads, where scammers pay to reach potential victims. Meta estimates that it hosts 22 billion "organic" scam pitches per day. These organic scams are actually often permitted by Meta's terms of service: when Singapore police complained to Meta about 146 scam posts, the company concluded that only 23% of these scams violated their Terms of Service. The others were all allowed.
These permissible frauds included "too good to be true" come-ons for 80% discounts on leading fashion brands, offers for fake concert tickets, and fake job listings – all permitted under Meta's own policies. The internal memos seen by Reuters show Meta's anti-fraud staffers growing quite upset to realize that these scams were not banned on the platform, with one Meta employee writing, "Current policies would not flag this account!"
But even if a fraudster does violate Meta's terms of service, the company will not act. Per Meta's own policies, a "High Value Account" (one that spends a lot on fraudulent ads) has to accrue more than 500 "strikes" (adjudicated violations of Meta policies) before the company will take down the account.
Meta's safety staff grew so frustrated by the company's de facto partnership with the fraudsters that preyed on its users that they created a weekly "Scammiest Scammer" award, given to the advertiser that generated the most complaints that week. But this didn't actually spark action – Reuters found that 40% of Scammiest Scammers were still operating on the platform six months after being flagged as the company's most prolific fraudster.
This callous disregard for Meta's users isn't the result of a new, sadistic streak in the company's top management. As the whistleblower Sarah Wynn-Williams' memoir Careless People comprehensively demonstrates, the company has always been helmed by awful people who would happily subject you to grotesque tormets to make a buck:
https://pluralistic.net/2025/04/23/zuckerstreisand/#zdgaf
The thing that's changed over time is whether they can make a buck by screwing you over. The company's own internal calculus reveals how this works: they make more money from fraud – $7 billion/year – than they will ever have to pay in fines for exposing you to fraud. A fine is a price, and the price is right (for fraud).
The company could reduce fraud, but it's expensive. To lower the amount of fraud, they must spend money on fraud-fighting employees who review automated and user-generated fraud flags, and accept losses from "false positives" – overblocking ads that look fraudulent, but aren't. Note that these two outcomes are inversely correlated: the more the company spends on human review, the fewer dolphins they'll catch in their tuna nets.
Committing more resources to fraud fighting isn't the same thing as vowing to remove all fraud from the platform. That's likely impossible, and trying to do so would involve invasively intervening in users' personal interactions. But it's not necessary for Meta to sit inside every conversation among friends, trying to decide whether one of them is scamming the others, for the company to investigate and act on user complaints. It's not necessary for Meta to invade your conversations for it to remove prolific and profitable fraudsters without waiting for them to rack up 500 policy violations.
And of course, there is one way that Meta could dramatically reduce fraud: eliminate its privacy-invasive ad-targeting system. The top of the Meta ad-funnel starts with the nonconsensual dossiers Meta has assembled on more than 4 billion people around the world. Scammers pay to access these dossiers, targeting their pitches to users who are most vulnerable.
This is an absolutely foreseeable outcome of deeply, repeatedly violating billions of peoples' human rights by spying on them. Gathering and selling access to all this surveillance data is like amassing a mountain of oily rags so large that you can make billions by processing them into low-grade fuel. This is only profitable if you can get someone else to pay for the inevitable fires:
https://locusmag.com/feature/cory-doctorow-zucks-empire-of-oily-rags/
That's what Meta is doing here: privatizing the gains to be had from spying on us, and socializing the losses we all experience from the inevitable fallout. They are only able to do this, though, because of supine regulators. Here in the USA, Congress hasn't delivered a new consumer privacy law since 1988, when they made it a crime for video-store clerks to disclose your VHS rentals:
https://pluralistic.net/2023/12/06/privacy-first/#but-not-just-privacy
Meta spies on us and then allows predators to use that surveillance to destroy our lives for the same reason that your dog licks its balls: because they can. They are engaged in conduct that is virtually guaranteed by the enshittogenic policy environment, which allows Meta to spy on us without limit and which fines them $1b for making $7b on our misery.
Mark Zuckerberg has always been an awful person, but – as Sarah Wynn-Williams demonstrates in her book – he was once careful, worried about the harms he would suffer if he harmed us. Once we took those consequences away, Zuck did exactly what his nature dictated he must: destroyed our lives to increase his own fortune.
Hey look at this (permalink)
- Dick Cheney Doesn’t Deserve Your Heartfelt Eulogies https://theintercept.com/2025/11/04/dick-cheney-death-iraq-war/
-
Queen West Complete, Summer 2015 https://crowdfundr.com/queenwest2015?ref=ab_4OgKuqNTSbD4OgKuqNTSbD
-
Does Ubiquitous Computing Need Interface Agents? https://cgi.csc.liv.ac.uk/~coopes/comp319/2016/papers/UbiquitousComputingAndInterfaceAgents-Weiser.pdf
-
America’s Dumbest Billionaires Fail to Stop Zohran Mamdani https://prospect.org/2025/11/04/americas-dumbest-billionaires-fail-to-stop-zohran-mamdani/
-
Why Solarpunk is already happening in Africa https://climatedrift.substack.com/p/why-solarpunk-is-already-happening
Object permanence (permalink)
#20yrsago Singapore’s stocking-foot executioner https://web.archive.org/web/20051029103210/http://www.news.com.au/story/0,10117,17057851-2,00.html
#20yrsago Cinemas as police-states: why box-office revenue is in decline? https://web.archive.org/web/20051107024915/https://www.politechbot.com/2005/11/04/how-the-mpaa/
#20yrsago Westchester Co’s clueless WiFi lawmakers demonstrate cluelessness http://www.psychicfriends.net/blog/archives/2005/11/06/idiot_politicians_in_my_neighborhood.html
#20yrsago Katamari Damacy homemade models http://www.harveycartel.org/mare/pics/katamari.html
#15yrsago Cut-up artist alphabetizes the newspaper https://web.archive.org/web/20101109012930/http://derrenbrown.co.uk/blog/2010/11/kim-rugg-london-artists-knife-skills-knack-precision/
#15yrsago Colorado DA drops felony hit-and-run charges against billion-dollar financier because of “serious job implications” https://web.archive.org/web/20101108122254/http://www.vaildaily.com/article/20101104/NEWS/101109939/1078&ParentProfile=1062
#10yrsago A Freedom of Information request for UK Home Secretary Theresa May’s metadata https://www.techdirt.com/2015/11/06/uk-home-secretary-says-dont-worry-about-collection-metadata-foia-request-made-her-metadata/
#10yrsago Religious children more punitive, less likely to display altruism https://www.theguardian.com/world/2015/nov/06/religious-children-less-altruistic-secular-kids-study
#10yrsago Once again, the SFPD blames a cyclist for his own death without any investigation https://sfist.com/2015/11/04/sfpd_once_again_blames_cyclist_for/
#10yrsago Paid Patriotism: Pentagon spent millions bribing sports teams to recognize military service https://www.huffpost.com/entry/defense-military-tributes-professional-sports_n_5639a04ce4b0411d306eda5e
#10yrsago Spy at will! FCC won’t force companies to honor Do Not Track https://arstechnica.com/information-technology/2015/11/fcc-wont-force-websites-to-honor-do-not-track-requests/
#10yrsago TPP will let banks write their own regulations and stick taxpayers with the bill https://theintercept.com/2015/11/06/ttp-trade-pact-would-give-wall-street-a-trump-card-to-block-regulations/
#10yrsago Typewriter portraiture, the strange story of 1920s ASCII art https://web.archive.org/web/20151108220746/https://pictorial.jezebel.com/the-typewriter-ascii-portraits-of-classic-hollywood-and-1738094492
#5yrsago QE, inflation, slave labor and a People's Bailout https://pluralistic.net/2020/11/07/obamas-third-term/#peoplesbailout
#1yrago Antiusurpation and the road to disenshittification https://pluralistic.net/2024/11/07/usurpers-helpmeets/#disreintermediation
Upcoming appearances (permalink)
- Lisbon: A post-American, enshittification-resistant internet, with Rabble (Web Summit), Nov 12
https://websummit.com/sessions/lis25/92f47bc9-ca60-4997-bef3-006735b1f9c5/a-post-american-enshittification-resistant-internet/ -
Cardiff: Hay Festival After Hours, Nov 13
https://www.hayfestival.com/c-203-hay-festival-after-hours.aspx -
Oxford: Enshittification and Extraction: The Internet Sucks Now with Tim Wu (Oxford Internet Institute), Nov 14
https://www.oii.ox.ac.uk/news-events/events/enshittification-and-extraction-the-internet-sucks-now/ -
London: Enshittification with Sarah Wynn-Williams and Chris Morris, Nov 15
https://www.barbican.org.uk/whats-on/2025/event/cory-doctorow-with-sarah-wynn-williams -
London: Downstream IRL with Aaron Bastani (Novara Media), Nov 17
https://dice.fm/partner/tickets/event/oen5rr-downstream-irl-aaron-bastani-in-conversation-with-cory-doctorow-17th-nov-earth-london-tickets -
London: Enshittification with Carole Cadwalladr (Frontline Club), Nov 18
https://www.eventbrite.co.uk/e/in-conversation-enshittification-tickets-1785553983029 -
Virtual: Enshittification with Vass Bednar (Vancouver Public Library), Nov 21
https://www.crowdcast.io/@bclibraries-present -
Toronto: Jailbreaking Canada (OCAD U), Nov 27
https://www.ocadu.ca/events-and-exhibitions/jailbreaking-canada -
San Diego: Enshittification at the Mission Hills Branch Library, Dec 1
https://libraryfoundationsd.org/events/doctorow -
Seattle: Neuroscience, AI and Society (University of Washington), Dec 4
https://www.eventbrite.com/e/neuroscience-ai-and-society-cory-doctorow-tickets-1735371255139 -
Madison, CT: Enshittification at RJ Julia, Dec 8
https://rjjulia.com/event/2025-12-08/cory-doctorow-enshittification
Recent appearances (permalink)
- Reimagining Digital Public Infrastructure (Attention: Govern Or Be Governed)
https://www.youtube.com/watch?v=F8JuXDfDtBY -
Enshittification and How To Fight It (ILSR)
https://www.whoshallrule.com/p/enshittification-and-how-to-fight -
Big Tech’s “Enshittification” & Bill McKibben on Solar Hope for the Planet
https://www.writersvoice.net/2025/11/cory-doctorow-on-big-techs-enshittification-bill-mckibben-on-solar-hope-for-the-planet/ -
Enshittification and the Rot Economy with Ed Zitron (Clarion West)
https://www.youtube.com/watch?v=Tz71pIWbFyc -
Amanpour & Co (New Yorker Radio Hour)
https://www.youtube.com/watch?v=I8l1uSb0LZg
Latest books (permalink)
- "Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025
-
"Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025
https://us.macmillan.com/books/9780374619329/enshittification/ -
"Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 (https://us.macmillan.com/books/9781250865908/picksandshovels).
-
"The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 (the-bezzle.org).
-
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org).
-
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
-
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com.
-
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com
Upcoming books (permalink)
- "Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, 2026
-
"Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2026
-
"The Memex Method," Farrar, Straus, Giroux, 2026
-
"The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, 2026
Colophon (permalink)
Today's top sources:
Currently writing:
- "The Reverse Centaur's Guide to AI," a short book for Farrar, Straus and Giroux about being an effective AI critic. FIRST DRAFT COMPLETE AND SUBMITTED.
-
A Little Brother short story about DIY insulin PLANNING
This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
How to get Pluralistic:
Blog (no ads, tracking, or data-collection):
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
Medium (no ads, paywalled):
Twitter (mass-scale, unrestricted, third-party surveillance and advertising):
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla
READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.
ISSN: 3066-764X
