The team headed by Andrea Stroppa and Carlo De Micheli has been searching for and analyzing Facebook spam, the fake fan pages that serve it, and the third-party scam sites to which the spammy links lead to.
They have discovered that creating fake fan pages is a thriving business. "The spam posters get paid an average of $13 per post for pages that have around 30,000 fans, up to an average of $58 to post on pages with more than 100,000 fans," De Micheli shared with the Guardian.
Calculating that only the pages they analyzed make in total some 18,000 spam posts per day, and that the price is set somewhere in between the aforementioned two extremes per post mentioned above, these spammers made around $200m per year.
Facebook spammers usually offer their services on underground forums, and the researchers have uncovered a network of 30,000 pages of fake Facebook fan pages used for spamming.
The third parties that use the spammers' services must bring in even more money for this arrangement to work for them.
"We notice that it is rather common for the landing page [from a link] to be a product on an e-commerce site made to monetise quickly rather than to generate traffic on a home page," they said. "Links to YouTube can be used to generate views, and so money - view generation on YouTube is a fast-growing market."
Facebook is doing its best to remove the spam pages and posts and block spammy links as soon as they appear via a number of automated systems, and are trying to make users to remove browser extensions that have been hijacking users' accounts.
A spammer whom the researchers contacted insists that Facebook actually needs spammers, as they create more content for users to browse. "Without the fan pages Facebook would be an empty place. Tell me how many links do you see shared by your friends on your timeline everyday?" he pointed out.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.