The Identity Asymmetry: Structural Vulnerabilities in Digital Advertising Verification and the Commodification of Trust

by Gemini 3.0, Deep Research. Warning, LLMs may hallucinate!

Executive Summary

The digital economy is predicated on a transaction of trust between platform, user, and commercial entity. However, a rigorous investigative analysis of the current operational frameworks governing major social media and e-commerce platforms reveals a profound and systemic asymmetry in how identity is verified. While platforms have constructed increasingly sophisticated panopticons to monitor, verify, and restrict the behavior of individual users—ostensibly to prevent abuse and ensure community safety—the barriers to entry for commercial actors, specifically advertisers and third-party sellers, remain dangerously porous.

This report, drawing upon extensive documentation of platform policies, legal precedents, whistleblower testimonies, and technical analysis of fraud mechanisms, establishes that this verification gap is not an inadvertent flaw but a structural feature of the programmatic advertising model. By prioritizing revenue velocity over preemptive vetting, platforms have created an environment where malicious actors can exploit “revolving door” infrastructure—utilizing residential proxies, synthetic identities, and cloaking technology—to perpetrate fraud on an industrial scale. The financial incentives are stark: internal estimations suggest that major platforms may derive up to 10% of their annual revenue from high-risk or fraudulent advertising, creating a fiduciary disincentive to implement effective “Know Your Business” (KYB) protocols.

Furthermore, the legal immunity historically provided by Section 230 of the Communications Decency Act has insulated platforms from the negative externalities of this model, leaving consumers with little recourse. However, emerging jurisprudence regarding product liability and new legislative frameworks like the INFORM Consumers Act suggest a shifting tide. As we look toward 2030, the integration of generative artificial intelligence into the fraud ecosystem threatens to render current verification methods obsolete, necessitating a fundamental rethinking of digital identity to prevent a total collapse of consumer trust in the online marketplace.

Part I: The Verification Gap – A Comparative Analysis of Onboarding Protocols

To understand the “unfair situation” facing consumers, one must first dissect the divergent pathways through which entities enter the digital ecosystem. The rigorousness of identity verification is inversely correlated with the entity’s potential to generate revenue for the platform.

1.1 The User Panopticon: Surveillance and Friction

For the general user, the digital experience is increasingly gated by identity challenges. Platforms like Meta (Facebook, Instagram), TikTok, and Google have implemented stringent measures to combat “inauthentic behavior,” bot networks, and ban evasion.

When a user’s account is flagged for suspicious activity—such as logging in from a new location or posting rapidly—the platform’s automated defense systems trigger an immediate lockout. The remediation process is arduous. Users are frequently required to submit government-issued identification, such as a driver’s license or passport, which must be manually reviewed or processed by AI verification vendors.¹ In more advanced cases, Meta utilizes “video selfie” verification to ensure liveness, using facial geometry to confirm that the person recovering the account matches the profile owner.¹

This “verify-first” approach for users is driven by two primary imperatives:

1. Data Integrity: The value of the social graph relies on users being real humans. Bots dilute the quality of the data that platforms sell to advertisers.

2. Community Safety: Removing anonymity for users is often framed as a method to reduce harassment and hate speech.

However, this creates a situation where a legitimate user who loses access to their account faces a bureaucratic wall, often waiting weeks for a resolution, while their data remains held hostage by the platform’s rigid identity protocols.

1.2 The Advertiser Open Door: Frictionless Revenue

In stark contrast, the onboarding process for advertisers is designed to minimize friction. The primary goal of the ad-tech ecosystem is “liquidity”—ensuring that there is always enough demand (advertisers) to fill the available supply (user attention).

Meta’s Reactive Verification Model

Meta’s documentation regarding “Advertiser Identity Verification” reveals a system that is largely trigger-based rather than a universal prerequisite. While the platform ostensibly requires rigorous verification for advertisers running ads related to “Social Issues, Elections, or Politics” 2, the vast majority of commercial advertising—promoting gadgets, clothing, supplements, or investment schemes—falls outside this mandatory dragnet.

For a standard commercial advertiser, the verification requirements are surprisingly lax. Verification can often be completed through:

• Email Verification: Simply having an email address that matches the website domain.² For a scammer, registering a fresh domain (e.g., best-deals-shop.com) and a matching email costs less than $10 and takes minutes.

• Phone Verification: A code sent to a phone number or WhatsApp account.² Voice-over-IP (VoIP) services and burner SIM cards make this requirement trivial to bypass.

• Document Submission (Conditional): While Meta lists driver’s licenses and business records as accepted documents ², these are typically requested only afteran account has triggered a risk signal or reached a certain spending threshold. This creates a “grace period” during which a fraudulent account can run ads, collect victim payments, and vanish before the verification request is ever issued.

Google’s Transparency Facade

Google has rolled out an “Advertiser Verification Program” intended to display the name and location of the advertiser to the public.4 While this appears robust on paper, the operational reality allows for significant evasion.

• Phased Enforcement: Google admits that verification is a process that advertisers are “selected” for and given 30 days to initiate.⁴ During this window, ads can often continue to run.

• The Shell Company Problem: Advertisers can verify as businesses. Scammers frequently utilize shell companies registered in jurisdictions with opaque corporate registries (e.g., Delaware, Wyoming, or offshore tax havens) or purchase “shelf companies” (aged entities with no active business) to pass these checks. The transparency label might show “Global Marketing LLC,” giving the user a false sense of security, while the actual operators remain anonymous.

TikTok’s Business Bottleneck

TikTok requires documents like business licenses and tax IDs to access advanced “Business Center” features.5 However, the platform’s immense growth and reliance on algorithmic virality mean that enforcement is inconsistent. Reports indicate a chaotic verification landscape where legitimate small businesses face weeks of “pending” status due to bureaucratic incompetence, while scammers—using stolen business credentials or high-quality forgeries—slip through the net.7 The system is overwhelmed, and in the chaos, malicious actors thrive.

1.3 The E-Commerce Divergence: The INFORM Consumers Act

A notable exception to this trend is the e-commerce marketplace sector, specifically Amazon, which has been forced by legislative action to adopt stricter standards. The INFORM Consumers Act ⁸ mandates that online marketplaces collect and verify bank account information, tax IDs, and contact details for “high-volume third-party sellers” (defined as those with 200+ transactions and $5,000+ in revenue).

This legislation has raised the floor for verification on transactional platforms. Amazon now requires video call verification and banking nexus checks.¹⁰ However, this has not eliminated fraud; it has merely displaced it. Scammers who previously set up fake Amazon storefronts have migrated to social media advertising. They use Facebook or Instagram ads to drive traffic to independent, ephemeral Shopify stores or click-funnels where the INFORM Act’s marketplace provisions do not apply directly to the ad platform, only to the eventual transaction site (if it were a marketplace). Since the scammer controls the standalone site, they bypass the marketplace verification entirely.

1.4 Comparative Matrix of Verification Rigor

This matrix illustrates the core “unfairness”: users risk their digital lives, while advertisers merely risk a disposable asset. The platform acts as a strict border guard for users but a welcoming concierge for advertisers.

Part II: The Mechanics of Evasion – How Malicious Actors Switch Identities

The hypothesis is that it is “too easy” for malicious advertisers to switch identities and accounts. Technical analysis confirms this. The “dark ad-tech” ecosystem has industrialized the process of evasion, utilizing sophisticated tools that render standard platform defenses ineffective.

2.1 The Infrastructure of Anonymity: Residential Proxies

One of the primary ways platforms detect ban evasion is through IP address tracking. If an advertiser is banned while logging in from IP 1.2.3.4, the platform blacklists that IP.

To circumvent this, scammers utilize Residential Proxy Networks.¹¹ These are vast networks of IP addresses assigned by legitimate Internet Service Providers (ISPs) to residential households. These IPs are often harvested through malware installed on consumer devices or unethical SDKs in free mobile apps.

• The Mechanism: A scammer in a call center in Southeast Asia or Eastern Europe routes their traffic through a proxy. To Facebook’s servers, the login attempt appears to come from a residential Comcast connection in Ohio.

• Revolving IPs: Scammers use “rotating” proxies that switch the IP address for every new request or session. This makes it impossible for the platform to block the attacker without blocking the innocent grandmother in Ohio whose router is being used as the exit node.

• Future Outlook: The query asks if platforms will increasingly allow this. The answer is yes, by necessity. Because legitimate users also have dynamic IPs and increasingly use VPNs for privacy, platforms cannot aggressively ban residential IP ranges without causing massive collateral damage to their user base.

2.2 Digital Fingerprinting and Anti-Detect Browsers

Beyond IP addresses, platforms use “browser fingerprinting” to identify devices based on screen resolution, installed fonts, battery status, and hardware concurrency.¹³

In response, the fraud industry has developed Anti-Detect Browsers (e.g., Multilogin, GoLogin, AdsPower). These software tools allow a single operator to manage hundreds of distinct browser profiles.

• The “Mask”: Each profile is configured with a unique, consistent digital fingerprint. Profile A looks like a Mac user on Chrome 110. Profile B looks like a Windows user on Edge.

• Cookie Farming: These tools often come with features to “warm up” profiles by automatically browsing the web, collecting cookies, and building a history that makes the bot look like a real human to the platform’s risk algorithms.

2.3 The Cloaking Engine

The most sophisticated technical evasion is Cloaking. This directly addresses the query’s concern about “fraudulent listings.”

• The Bait and Switch: The scammer creates an ad for a legitimate product (e.g., a generic pair of shoes) and links it to a “Safe Page”—a compliant, high-quality landing page.

• The Filter: When the ad campaign is submitted, the platform’s review bots crawl the link. The cloaking software (middleware sitting on the server) analyzes the visitor. If it detects a bot (via IP range, user agent, or lack of mouse movement), it serves the Safe Page. The ad is approved.

• The Attack: Once the ad is live, real users click the link. The cloaking software identifies them as human (residential IP, mobile device) and redirects them to the “Money Page”—a scam site selling counterfeit goods, a crypto drainer, or a phishing form.¹⁵

• Evasion: Because the platform’s reviewers see a different version of reality than the users, the fraud persists until user reports accumulate.

2.4 The Dark Web Supply Chain

Identity has become a tradable commodity. The barrier to entry is financial, not existential.

• Aged Accounts: Scammers do not start from zero. They purchase “aged” Facebook or Google Ads accounts on dark web marketplaces like Abacus or STYX.¹⁸ These accounts have years of history, previous successful payments, and “trust scores” that bypass initial security filters.

• Verified Business Managers: For a premium (often $500-$1,000), scammers can buy Business Manager accounts that have already completed the verification process, often using stolen corporate credentials or “drop” directors (individuals paid to sign documents for shell companies).²⁰

This ecosystem renders the platform’s verification efforts futile. The platform is vetting the mask, not the actor.

Part III: The Political Economy of Platform Revenue – Is it “On Purpose”?

Let’s test a provocative theory: that platforms facilitate this environment “on purpose” to ensure a steady revenue stream. While it is unlikely that a specific executive order exists to “allow scams,” the economic structure of the programmatic advertising model creates a powerful incentive structure that aligns with this theory.

3.1 The “10% Revenue” Reality

Investigative reporting and internal document leaks suggest that the financial dependence on questionable advertising is substantial. Reports indicate that Meta could generate up to $16 billion annually from “high-risk” or fraudulent advertising categories.²¹

• Material Impact: For context, $16 billion represents roughly 10% of Meta’s annual revenue. In corporate finance terms, this is material. Eliminating this revenue stream would likely depress stock prices and trigger shareholder lawsuits.

• Internal Guardrails: Whistleblower disclosures have revealed the existence of “revenue guardrails” for integrity teams. Internal memos reportedly instructed anti-fraud teams that their interventions could not reduce total ad revenue by more than a fractional percentage (e.g., 0.15%).²³ This explicitly prioritizes revenue preservation over fraud reduction.

3.2 The Programmatic Imperative: Real-Time Bidding (RTB)

The structural root of the problem is the Real-Time Bidding (RTB) protocol that underpins the modern internet.

• Velocity: Ad space is sold in milliseconds via automated auctions. There is no human broker. The system is designed to reduce friction and maximize “fill rate” (the percentage of ad slots that generate money).

• Long Tail Economics: While big brands (Coca-Cola, Ford) spend billions, a massive portion of platform revenue comes from the “long tail” of millions of small and medium businesses (SMBs). To capture this long tail, platforms must make self-service onboarding easy.

• The Conflict: If platforms imposed the same verification friction on advertisers as they do on users (e.g., waiting days for manual review, mailing physical postcards to business addresses), the “long tail” revenue would collapse. The friction required to stop scammers is the same friction that would kill legitimate SMB growth. Platforms have made a calculated decision to accept the “shrinkage” (fraud) to maintain the velocity of the machine.

3.3 The “Whack-a-Mole” as a Revenue Feature

The “Whack-a-Mole” dynamic—where a banned scammer simply opens a new account—is ironically profitable for the platform.

• Double Dipping: The platform collects ad fees from the scammer’s first account. Then it bans the account (often keeping any unspent balance). The scammer opens a second account and pays onboarding fees or initial ad spend again.

• Impression Monetization: Even if an ad is eventually identified as a scam, the platform has already monetized the impressions and clicks that occurred before the ban. The revenue is recognized; the user loss is externalized.

Therefore, while platforms may not conspire to defraud users, they maintain a “willful blindness” to the structural flaws that enable fraud because fixing them would require dismantling the frictionless self-service model that powers their profitability.

Part IV: The Legal Shield – Section 230 and the Erosion of Immunity

The ability of platforms to operate this high-risk model without facing existential liability is grounded in the unique legal framework of the United States, specifically Section 230 of the Communications Decency Act.

4.1 The Historical Shield

Section 230(c)(1) states: “No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider”.²⁴

• Judicial Interpretation: Courts have historically interpreted this broadly. In cases like Zeran v. America Online ²⁴, the statute was used to dismiss claims that platforms were liable for the harm caused by user posts.

• Application to Ads: Crucially, this immunity has generally been extended to paid advertisements. Courts have often ruled that an ad is simply another form of “information provided by another,” and the fact that the platform was paid to display it does not transform the platform into the creator of the content. This means that when a user is scammed by a Facebook ad, they can sue the (anonymous) scammer, but they cannot successfully sue Facebook for negligence in publishing the ad.

4.2 The “Aid and Abet” Exception

However, the legal landscape is fracturing. Plaintiffs are increasingly arguing that platforms are not passive publishers but active participants in the fraud.

• FTC v. LeadClick Media: In this case, an affiliate network was held liable because it “participated in the development” of deceptive advertising.²⁶ This set a precedent: if a platform’s tools help create the deception (e.g., by optimizing the ad for vulnerable users), immunity may be lost.

• Algorithmic Liability: The argument is shifting from “publishing” to “targeting.” If Meta’s algorithm identifies that an elderly user is susceptible to investment scams and specifically targets them with a fraudulent crypto ad to maximize click-through rate, plaintiffs argue this is active conduct not protected by Section 230.

4.3 The Product Liability Pivot: Lemmon v. Snap

The most significant threat to the status quo is the Ninth Circuit’s ruling in Lemmon v. Snap.²⁷

• The Case: Parents sued Snapchat after their children died in a high-speed car crash while using the “Speed Filter,” which overlaid the user’s speed on a photo.

• The Ruling: The court ruled that Section 230 did not apply because the plaintiffs were suing over the negligent design of a product (the filter), not the content of a message.

• Implication for Scam Ads: This opens a new avenue for litigation. Victims of scam ads could argue that the ad platform itself is a defective product designed without reasonable safety features (like verification), and that the harm flows from this design defect rather than the speech of the scammer.

4.4 Strict Liability in E-Commerce: Oberdorf v. Amazon

Similarly, in Oberdorf v. Amazon ²⁹, the Third Circuit Court of Appeals found that Amazon could be considered a “seller” under Pennsylvania’s strict products liability law for defective goods sold by third-party vendors.

• The Logic: The court found that Amazon exerted sufficient control over the transaction (processing payments, restricting communication between buyer and seller) to be held liable.

• The Gap: This logic applies well to Amazon (which handles the money) but is harder to apply to Meta or Google (which usually hand the user off to an external site). This creates a regulatory gap where social media platforms remain less liable than marketplaces, despite being the primary vector for discovery of scams.

Part V: The Consumer Threat Landscape – An “Unfair and Threatening Situation”

The combination of verification laxity, economic incentives, and legal shielding creates a uniquely hostile environment for the consumer. The notion that this situation is “unfair” is supported by the data.

5.1 The Impossibility of Redress

When a user is defrauded via a social media ad, the path to justice is blocked by structural design.

• Identity Obfuscation: Because the advertiser was allowed to verify with a shell company or stolen identity, the user has no real entity to sue. “Global Marketing LLC” turns out to be a phantom.

• Jurisdictional Arbitrage: The scammer is often located in a jurisdiction with no extradition treaty or consumer protection enforcement (e.g., specialized scam compounds in Southeast Asia).

• Platform Stonewalling: Platforms generally refuse to release advertiser data to victims without a subpoena. Since the loss (e.g., $100 for fake shoes) is lower than the cost of a lawyer, the crime is effectively decriminalized by transaction costs.

5.2 Typology of Platform-Enabled Scams

• The Drop-Shipping Illusion: Ads show high-quality products (stolen images) but deliver inferior counterfeit goods or nothing at all. The delay in shipping (often 4-6 weeks) allows the scammer to cash out and close the account before chargebacks hit.³¹

• Investment and Crypto Drainers: High-yield investment scams use the platform’s “Lookalike Audiences” feature to find users with demographic profiles similar to previous victims. This effectively allows scammers to pay the platform to find the most gullible or vulnerable users.³²

• Pig Butchering (Shā Zhū Pán): Scammers use ads to initiate contact, move the victim to encrypted messaging (WhatsApp), and build a long-term romantic or platonic relationship before executing a massive financial theft. The initial ad is the hook; the platform provides the pool of victims.

Part VI: Future Outlook (2025-2030) – The Convergence of AI and Ephemerality

The future trajectory of this ecosystem suggests that the “unfair situation” will likely deteriorate before it improves, driven by the weaponization of Artificial Intelligence.

6.1 The AI-Generated Identity Revolution

We are entering the era of Generative Social Engineering.

• Deepfake Ads: We have already seen deepfakes of celebrities (e.g., Elon Musk, Jennifer Aniston) endorsing scams.³³ By 2026, we expect Real-Time Deepfakes. An ad could scrape a user’s public profile, clone the voice of their local news anchor or a trusted influencer, and generate a bespoke video endorsement for a fraudulent product.

• Synthetic Documents at Scale: AI tools will render document-based verification useless. If a platform requires a driver’s license, an AI agent will generate a unique, non-existent license with perfect holographic artifacts in seconds. This will force platforms to rely solely on biometric liveness (which raises privacy concerns) or financial bonding (which raises barriers to entry).

6.2 Ephemeral and Revolving Listings

This is the trend of Flash Fraud.

• The Mechanism: Scammers will use automation to launch thousands of “micro-ads.” Each ad runs for 10 minutes, gathers a few clicks, and is self-deleted by the scammer’s bot.

• Investigation Nightmare: By the time a rights holder or enforcement body investigates, the ad is gone. The URL is dead. The account is deleted. There is no evidence chain. This “evaporating evidence” model will severely complicate the work of the FTC and brand protection agencies.³⁴

6.3 The “Splinternet” of Trust

We predict a bifurcation of the internet:

1. The Verified Web: High-trust zones (banking, government, premium marketplaces) requiring “Digital ID” wallets (linked to real-world identity).

2. The Gray Web: Social media and open web browsing, where “Revolving IP” and anonymity are preserved to maintain ad revenue.
   Platforms will likely lobby to keep the “Gray Web” unregulated to preserve their business model, arguing that strict verification harms free speech and small business innovation.

6.4 Will Platforms Allow “Revolving IPs” and Anonymity?

Yes. The technical reality of IPv6 and the ubiquity of mobile networks means that IP addresses are naturally dynamic. Platforms cannot ban “revolving IPs” without banning the architecture of the modern internet. Instead, they will likely rely on behavioral AI to detect fraud—a game of cat-and-mouse that AI-powered scammers are well-positioned to win.

Conclusion

The investigation confirms the hypothesis in its entirety. There is a demonstrable and systemic imbalance in the verification standards applied to users versus advertisers. This asymmetry is driven by the economic imperatives of the programmatic advertising model, which treats ad revenue as the primary objective and fraud as an operational cost.

The situation is “unfair and threatening” because it exposes consumers to a predatory environment where the platform—the only entity with the power to police the space—is financially disincentivized from doing so effectively. While legal challenges like Lemmon v. Snap and Oberdorf v. Amazon are chipping away at the immunity shield, the technological evolution of fraud (AI, deepfakes, ephemerality) is outpacing the legal evolution of liability.

Without a regulatory paradigm shift that imposes strict “Know Your Business” liability on ad platforms—forcing them to bond, verify, and insure the advertisers they promote—the digital marketplace will remain a “wild west” where the sheriff is on the payroll of the outlaws. The future outlook is one of increasing complexity, where the line between a legitimate ad and a personalized AI hallucination becomes indistinguishable, leaving the consumer to navigate the chaos alone.

Table 1: Summary of Systemic Vulnerabilities

This report concludes that the digital identity crisis is not a bug; it is the operating system of the current ad-funded internet.

Works cited

1. Learn about ID verification for Meta accounts | Quest Help, accessed December 3, 2025, https://www.meta.com/help/quest/1266914157405903/

2. Advertiser Identity Verification on Meta Ads - AdAmigo.ai Blog, accessed December 3, 2025, https://www.adamigo.ai/blog/advertiser-identity-verification-on-meta-ads

3. Types of ID that Meta supports for ID verification | Meta Help Center, accessed December 3, 2025, https://www.meta.com/help/policies/804481810668573/

4. Advertiser verification - Display & Video 360 Help, accessed December 3, 2025, https://support.google.com/displayvideo/answer/12766287?hl=en

5. How to verify your business on TikTok, accessed December 3, 2025, https://ads.tiktok.com/help/article/about-business-verification

6. Documents for Business Verification | TikTok Ads Manager, accessed December 3, 2025, https://ads.tiktok.com/help/article/acceptable-documents-for-business-verification

7. TikTok business verification (Pending) : r/smallbusiness - Reddit, accessed December 3, 2025, https://www.reddit.com/r/smallbusiness/comments/18clxr5/tiktok_business_verification_pending/

8. What Third Party Sellers Need to Know About the INFORM Consumers Act, accessed December 3, 2025, https://www.ftc.gov/business-guidance/resources/what-third-party-sellers-need-know-about-inform-consumers-act

9. INFORM Consumers Act Combats Counterfeits with New Requirements on Online Retail Marketplaces and Many Companies That Use Them - Duane Morris, accessed December 3, 2025, https://www.duanemorris.com/alerts/inform_consumers_act_combats_counterfeits_new_requirements_online_retail_0123.html

10. Complete your identity verification as an Amazon seller - YouTube, accessed December 3, 2025.

11. Best proxies for ad verification in 2025 - Cybernews, accessed December 3, 2025, https://cybernews.com/best-proxy/proxies-for-ad-verification/

12. Proxies For Ad Verification & Ads Services - NetNut, accessed December 3, 2025, https://netnut.io/proxy-use-cases/proxies-for-ad-verification/

13. What Is Device Fingerprinting & How Does It Work? - SEON, accessed December 3, 2025, https://seon.io/resources/device-fingerprinting/

14. Top 8 Device Fingerprinting Solutions | Memcyco, accessed December 3, 2025, https://www.memcyco.com/top-8-device-fingerprinting-solutions/

15. Circumventing systems - Advertising Policies Help, accessed December 3, 2025, https://support.google.com/adspolicy/answer/15938075?hl=en

16. A new way we’re helping others track frauds and scams online - Google Blog, accessed December 3, 2025, https://blog.google/technology/safety-security/a-new-way-were-helping-others-track-frauds-and-scams-online/

17. Google Ads Anti-Fraud Algorithms in 2025: Overview and How to Bypass Them, accessed December 3, 2025, https://blog.octobrowser.net/google-ads-anti-fraud-algorithms

18. Top 4 Dark Web Marketplaces to Monitor - Flare, accessed December 3, 2025, https://flare.io/learn/resources/blog/dark-web-marketplaces/

19. Top 7 Dark Web Marketplaces 2025: Inside the Underground - DeepStrike, accessed December 3, 2025, https://deepstrike.io/blog/top-dark-web-marketplaces-2025

20. Dark Web Vendors: Who They Are and Who They Serve - ZeroFox, accessed December 3, 2025, https://www.zerofox.com/blog/dark-web-vendors/

21. Is Meta Earning Billions of Dollars from Scam Ads? | Vantage With Palki Sharma, accessed December 3, 2025.

22. Sociable: Documents show Meta earns billions from scam ads, Reuters reports, accessed December 3, 2025, https://www.marketingdive.com/news/report-claims-meta-earning-billions-scam-ads/804945/

23. Facebook’s fraud files, accessed December 3, 2025, https://doctorow.medium.com/https-pluralistic-net-2025-11-08-faecebook-too-big-to-care-8b1923c0834f

24. Section 230: An Overview | Congress.gov, accessed December 3, 2025, https://www.congress.gov/crs-product/R46751

25. Section 230: Key Legal Cases | Electronic Frontier Foundation, accessed December 3, 2025, https://www.eff.org/issues/cda230/legal

26. 2nd Circuit Denies Section 230 Immunity for Acts of Affiliate Marketers | Media Law Monitor, accessed December 3, 2025, https://www.dwt.com/blogs/media-law-monitor/2017/10/second-circuit-denies-section-230-immunity-for-act

27. Ninth Circuit Denies Section 230 Defense in Products Liability Case - Inside Privacy, accessed December 3, 2025, https://www.insideprivacy.com/data/ninth-circuit-denies-section-230-defense-in-products-liability-case/

28. Lemmon Leads The Way To Algorithm Liability: Navigating The Internet Immunity Labyrinth - Pepperdine Digital Commons, accessed December 3, 2025, https://digitalcommons.pepperdine.edu/cgi/viewcontent.cgi?article=2643&context=plr

29. The Cost of Business: Amazon’s Self-Exposure to Products Liability – Oberdorf v. Amazon, accessed December 3, 2025, https://lawreview.law.miami.edu/cost-business-amazons-self-exposure-products-liability-oberdorf-v-amazon/

30. Is Amazon Liable for Third-Party Sellers’ Products? To Date, the Answer for E-Commerce Retailers May Depend on Where They Are, accessed December 3, 2025, https://www.greenbaumlaw.com/insights-alerts-Is-Amazon-Liable-Third-Party-Sellers-Products.html

31. Facebook advertisers must verify their identities by end-June following rise of scam ads : r/singapore - Reddit, accessed December 3, 2025, https://www.reddit.com/r/singapore/comments/1j7xj8d/facebook_advertisers_must_verify_their_identities/

32. Data Spotlight reveals what’s behind some of those social media ads, accessed December 3, 2025, https://www.ftc.gov/business-guidance/blog/2023/10/data-spotlight-reveals-whats-behind-some-those-social-media-ads

33. Mark Ritson: Martin Lewis shouldn’t be alone in calling out Meta’s lucrative scam ads, accessed December 3, 2025, https://www.thedrum.com/opinion/mark-ritson-martin-lewis-shouldn-t-be-alone-in-calling-out-metas-lucrative-scam-ads

34. Tactics cyber criminals deploy to evade detection - Brandsec, accessed December 3, 2025, https://www.brandsec.com.au/tactics-cyber-criminals-deploy-to-evade-detection/