Facebook’s comments plugin, which was built to let users leave comments on websites with their Facebook accounts, promises to help deliver “higher quality conversations” across the internet.
Instead, it has prompted a wave of spam across popular websites.
On sites such as BuzzFeed, Ozy, and Kirkus Reviews, the Facebook comments plugin that sits below articles with user comments enabled has been overwhelmed with blatant spam from seemingly fake accounts, Business Insider has found — frustrating readers and raising questions about the social network’s ability to police malicious content online.
The comments are unsophisticated, repetitive, and easily recognizable as spam. “I have just received $17953 by working online from home in my part time. I have joined this job 3 months ago and in just 3 months i have earned $49k+ from this online job,” one comment reads before providing a link to a dodgy-looking website promising ways to make easy money.
Another says: “Facebook gives me $ 10000 to $ 18000 every month by just doing some copy paste job on my Laptop. Its amazing to work and stay at home. Start Your Income online now and Earn upto $ 2520 every week.”
Facebook has faced more than two years of scrutiny over its content-moderation efforts — but the disarray on Facebook comment boxes across the web illustrates how entire categories of problematic content are still slipping through the cracks.
In an emailed statement, Joe Osborne, a Facebook spokesperson, said: “We’re constantly working to limit the spread of spam on Facebook, including across the Comments Plugin.”
Facebook promises ‘best-in class’ spam detection. The reality is very different.
Originally introduced in 2009, Facebook Comments Plugin is an easy way for online publishers and other websites to let their users comment on articles. Rather than building comment functionality and user accounts from scratch, developers just integrate Facebook’s code, which inserts a ready-made discussion thread users can comment on using their existing Facebook accounts.
For publishers, that meant not only less internal work, but an end to the trolls and spammers notorious for polluting the comment sections of news sites. By tying comments to users’ (theoretically) real Facebook identities, Facebook’s commenting tool promised to produce better discussions than what might take place within a site’s home-made comments section or one provided by another third-party tool like Disqus.
Website operators can police comments manually using Facebook’s “powerful” moderation tools — but a key attraction is also purported access to Facebook’s sophisticated automatic spam filters. “We’ve also improved our spam detection and filtering with best-in-class detection and automation systems,” the promotional material says.
However, these systems seem to have clearly failed on multiple websites — with a product intended to promote conversational health instead eroding online discourse and putting ordinary people at risk.
What’s more, Facebook’s website promoting Facebook Comments didn’t appear to have been updated in several years. It has a list of popular websites that use the feature — HuffPost, Yahoo Japan, MSN, ESPN, TechCrunch, and Fox Sports — but all seem to have since stopped. (It also features an outdated logo for HuffPost that was replaced nearly two years ago.) After Business Insider reached out, these logos were removed.
It’s not clear how many employees at Facebook are working on the feature today, and a company spokesperson declined to share a figure.
Some other popular websites that use the Facebook Comments Plugin (including Consumer Reports and Out.com) don’t appear to have spam comments; it’s not clear if these sites’ workers are far more active manually moderating comments, or if they simply haven’t been targeted by spammers.
Facebook is spending big on safety and security
Facebook has widely touted investments into safety and security initiatives over the past few years, after repeated scandals over content on its platform.
Five years later, the nature of the spam has changed — but Facebook still hasn’t managed to put a stop to it.
Got a tip? Contact this reporter using a non-work device via encrypted messaging app Signal (+1 650-636-6268), encrypted email (ro[email protected]), standard email ([email protected]), Telegram/WeChat (robaeprice), or Twitter DM (@robaeprice). PR pitches by standard email only, please.