Someone is trying to influence the midterm elections by sowing divisions among Americans on social media, according to Facebook — though the company won’t say it’s necessarily Russia that’s to blame.

On Tuesday, Facebook announced that it had removed more than two dozen pages and accounts from its platform because they were involved in “coordinated inauthentic behavior” in the lead-up to the midterm elections. While it could not explicitly link the suspicious activity to Russia, Facebook said it is “consistent with” what it saw from the Russian troll farm the Internet Research Agency before and after the 2016 presidential election.

The accounts masked themselves as groups dedicated to specific causes and appeared to have been designed to appeal to progressives. One page sought out women who consider themselves part of the “resistance,” and another looked to appeal to individuals interested in mindfulness. According to the New York Times, some accounts created content around the “Abolish ICE” movement.

Soon after the Times reported on Tuesday about the forthcoming announcement, Facebook said it had removed 32 pages and accounts from Facebook and Instagram after determining they were involved in “inauthentic behavior” that’s not allowed on Facebook.

Facebook detected the first of eight pages, 17 profiles, and seven Instagram accounts about two weeks ago and removed them on Tuesday morning. In total, nearly 300,000 accounts followed at least one of the pages, which were created between March 2017 and May 2018.

Some of the pages and accounts had no followers or next to none, while others had many. The most followed pages were given names such as “Black Elevation,” “Aztlan Warriors,” “Mindful Being,” and “Resisters.” The accounts created some 9,500 organic posts and ran 150 ads for about $11,000.

Facebook released examples of the content the accounts created.

For example, the Resisters page created a Facebook event scheduled for August to protest a planned second act to the “Unite the Right” rally in Charlottesville, Virginia. It also created a job posting for a part-time event coordinator and posted memes promoting women’s rights and criticizing President Donald Trump. Resisters’ Unite the Right event duped legitimate pages, which signed on to co-host the event.




The Black Elevation page also posted job ads for an event coordinator and created event announcements. The Times reported that content around the “Abolish ICE” movement was also detected.

The fake accounts and pages homing in on divisive social issues is what happened in the Russian disinformation campaign in the 2016 election, but Facebook says it hasn’t been able to link the activity this time around directly to Russia. “These bad actors have been more careful to cover their tracks, in part due to the actions we’ve taken to prevent abuse over the past year,” Nathaniel Gleicher, the head of cybersecurity policy at Facebook, wrote in a post on Tuesday.

Facebook said it’s working with law enforcement and others to gather all the facts and figure out who’s behind the activity, though the company acknowledged that’s no easy task. Chief security officer Alex Stamos in a separate post on Tuesday talked about the difficulties of figuring out who’s behind cyberthreats. He emphasized that doesn’t mean that Facebook, which has come under fierce scrutiny for its handling of misinformation and fake news, isn’t taking action.

“The lack of firm attribution in this case or others does not suggest a lack of action,” Stamos wrote. “We have invested heavily in people and technology to detect inauthentic attempts to influence political discourse, and enforcing our policies doesn’t require us to confidently attribute the identity of those who violate them or their potential links to foreign actors.”

Facebook isn’t the only party raising a red flag about potential hacking and meddling ahead of the 2018 midterms.

Director of National Intelligence Dan Coats said earlier this month that the “warning signs are there” for cyberattacks from Russia and other foreign governments. And a Microsoft executive at the Aspen Security Forum said in a panel that the company had detected phishing attacks targeting three US congressional candidates, though he didn’t say which party they were from. The Daily Beast last week reported that Sen. Claire McCaskill, a vulnerable Missouri Democrat, had been targeted by Russian hackers in her reelection bid.