Matt Binder* says a glitch has been found in Facebook that can easily create and spread fake news via a feature that was previously shut down two years ago.
Image: John Iglar
Facebook has a major loophole that allows nefarious users to get around its strategy to stop fake news.
The social media giant has been taking its fight against misinformation and fake news more seriously in recent years.
However, a recently discovered loophole proves that Facebook CEO, Mark Zuckerberg and the rest of his company still have a lot more work to do.
Mashable has learned of a glitch in Facebook Groups that allows Facebook Pages to easily create and spread fake news and misinformation via a feature that was previously shut down two years ago: editable link previews.
Link previews are the embeds that pop up when you post a link on Facebook.
They usually contain a large thumbnail, the main URL where the link is from, the title of the post, and a short description of the article.
Facebook auto-populates this information from the actual post image, headline, and description on the website being linked.
It’s a visually pleasing way to show what would otherwise be a textual link.
An example is a link preview for a CNN story on independent presidential candidate Howard Schultz dropping out of the race.
Prior to mid-2017, any user who pasted a link on Facebook was able to edit the image, headline, and description to whatever they wanted before posting the link publicly to the site.
However, in June of that year, Facebook made a big change as part of its fight against fake news and misinformation.
The company announced it was ending the ability for users to edit link previews.
“By removing the ability to customise link metadata (i.e. headline, description, image) from all link sharing entry points on Facebook, we are eliminating a channel that has been abused to post false news,” said Facebook in a 2017 post explaining the move on its site for developers.
In a private Facebook Group discussing social media related topics, I recently came across a user explaining how they discovered a weird glitch that still allowed Facebook Pages to edit link preview metadata.
Again, this is a feature that was supposedly completely shut down one year ago.
“If I am posting something from Mashable from a Facebook Page about how important vaccines are,” explained the user, who requested anonymity for this piece, in a private Facebook message, “I could now change the headline to say ‘New Report Finds Vaccines Are Bogus’.”
Let’s take the Howard Schultz dropping out of the presidential race example, in which the headline read: “Howard Schultz drops plans to run as independent candidate in 2020.”
Using my Facebook Page and the loophole, I was able to post the same CNN link in a Facebook Group with an edited headline, reading “Latest polls show Howard Schultz beating Trump, Dems in 2020”, completely changing the meaning of the post.
The average Facebook user scrolling by will see a CNN-sourced article with a fake headline and wouldn’t know it was altered unless they actually clicked through.
“I reported it to [Facebook] a few months back,” the source wrote to me more than four weeks ago.
“I reported it again not too long ago and two days ago they responded with an automated reply and closed the ticket.”
This person provided me with a screenshot of a support ticket dated 2 August.
The message sent to Facebook details the issue, the concern with the spread of misinformation via malicious users, and a note detailing how they had first reached out to the company about the issue in February or March of this year.
Ten days later, Facebook replied.
“We received your report and appreciate your patience as we work to fix technical problems on Facebook,” the company said.
“Though we can’t update everyone who submits a report, we’re using your feedback to improve the Facebook experience for everyone.”
The support ticket was promptly closed.
I can confirm that Facebook Pages could still edit link preview metadata in Facebook Groups at the time of publishing.
Facebook has emphasised its fight against fake news on its platform in recent years.
Amid a redesign earlier this year, Facebook put a strong focus on its Groups feature throughout the platform.
The company has long pushed Groups as a priority, citing “meaningful” engagement.
However, with Facebook’s centring of Groups, conspiracy theorists and other bad actors moved their misinformation and fake news sharing to private and secret Groups.
In fact, just last month, the social media giant published a lengthy post reminding Facebook Groups users that its policies exist even within those private communities.
The company is clearly aware of these problems in Groups, which makes it even more baffling that the issue hasn’t been fixed.
Studies have found that a majority of people don’t read past the headlines of an article they see online.
On top of that, after reading only the headline, they’ll also share it — a sad but unsurprising fact in the digital age.
The ability to edit the headline and short description for a shared link can easily be abused by bad actors.
Add in the fact that the Facebook link preview maintains the official URL where the article is from, even after the metadata was edited, and you’re asking for trouble.
To this day, applying for approval for your Facebook Page and your domain name is the only way to edit link preview metadata on your Facebook Page.
There is no way to edit previews for links to sites you don’t own … other than this weird Groups loophole, of course.
One thing to note is that Facebook Pages weren’t always allowed to join Groups.
That feature was launched in September 2018.
It’s possible that’s why this workaround even exists and has been able to fly under the radar for as long as it has.
While it’s unconfirmed whether this is actually a bug, judging by Facebook’s policy changes over the years, it seems highly unlikely the feature is intentional.
* Matt Binder is a reporter at Mashable covering tech and politics. He tweets at @MattBinder.
This article first appeared at mashable.com.
