By Christina DesMarais, Techlicious
Facebook now has a billion users, with more than half of those people signing on every month. Unfortunately, crooks and scammers are also part of the social network’s population—they figure at least a certain percentage of users will fall for their shenanigans.
According to Chester Wisniewski, senior security advisor at the security firm Sophos, the number of Facebook scams in play seems to be holding steady. And while Facebook is trying to tackle the problem, the scammers don’t give up easily when they can profit off unsuspecting people.
How do you spot a Facebook scam? Be wary of unlikely promises, Wisniewski says.
“No one is giving away an iPad to every person who fills out a survey and you aren’t likely the specially chosen winner of the Nokia, Microsoft or Coca-Cola lottery, because there isn’t one,” he says. “The best practice is to avoid clicking links on Facebook at all. It is generally safe to click links from trusted pages of companies, bands and groups you like, but avoid clicking links from your friends’ walls and chat messages.”
Here are popular Facebook scams you should watch out for.
Change your Facebook profile color
This “color changer v1.3” is actually a survey scam application, and you definitely don’t want to give it access to your Facebook account. It promises to let you change your Facebook profile color to something other than blue. If you click on the link, it asks you to “like” the app before it even does anything for you, and if you click on “continue” you’ll land at an app permission page. If you authorize the app to access your Facebook account it will send spam messages to all your friends. Not only that, if you actually click to install the app, it won’t give it to you until you fill out a survey.
Free gift card or voucher
If somebody on Facebook tells you Costco, McDonald’s, Starbucks or any other company is giving away vouchers or gift cards if only you invite your friends to the offer or click on a link—don’t believe it. If you do, you’ll end up spamming all your contacts with bogus messages about the fake offer, be asked to participate in surveys or prodded to complete “reward offers” in which you may be asked for personal information. If you supply your name, address, phone number or other things to these dishonest marketers, they can sell your data to others as well as harass you via non-Facebook media.
Support a wounded soldier
Sophos recently reported that a popular post making its way through Facebook that purports to support wounded soldiers is, in fact, a hoax. The text of the post is a variation of the following:
When filling out your Christmas cards this year, take ONE CARD and SEND it to this address: A Recovering American Soldier, c/o Walter Reed Army Medical Center, 6900 Georgia Avenue, NW Washington, DC 20307-5001. If we pass this on and everyone sends one card, think of how many cards these soldiers could get to bring up their spirits! Feel free to repost. This is a wonderful thing to do !!
While idea seems like a good one, any cards sent in this manner will never reach an American soldier. According to hoax-busting site Snopes.com, the U.S. Mail will not deliver any letters or packages addressed to “Any soldier” or “Any wounded soldier” at Walter Reed, especially since Walter Reed closed its doors in 2011.
If you really want to send holiday mail to an unnamed service member, use the legitimate address found here.
Enticing videos or photos
This one can come through a Facebook post or email message. Either way, if someone invites you to check out a photo or video of something you just won’t believe — know that there’s most likely something nefarious waiting for you on the other side the link.
For instance, people who click on a link titled “Look what this girl wore at the beach in front of thousands of people!” will actually end up at what looks like a video feed, but if you click on it you’ll get a message saying you need to update your YouTube player. People who choose to install it actually are downloading malware to their computers. At the same time, hidden code will cause a Facebook “like” to appear on your Timeline, which will only encourage your friends who see it to also click on the bad video or photo lure.
A variation on this scam sends what looks like a Facebook notification to your email account, telling you that one of your friends tagged you in a new photo. If you’re curious and click on the attached ZIP file you will effectively unleash malware that will give hackers the keys to your Windows computer.
See who’s viewing your profile
This one claims to be able to tell you who is looking at your Facebook information, or as the scammers put it, “spying at your profile.” If you click on the link, you first have to “like” the app, which, again, only encourages your friends to click on the same bad link. From there, you’ll be asked to give the app permission to access your Facebook account. If you do so, not only will everyone on your friend list get a spam message from you, you’ll also be prompted to take various surveys — all without ever receiving information about who’s been spying on you.
Here’s what Facebook itself says about this popular scam:
Facebook does not provide a functionality that enables you to track who is viewing your timeline, or parts of your timeline, such as your photos. Third party applications also cannot provide this functionality. Applications that claim to give you this ability will be removed from Facebook for violating policy. You can report applications that provide untrustworthy experiences.
Copyright and privacy rights protection hoax
Recently there’s been a meme floating around Facebook that tells users that posting a particular legal notice to their Facebook wall allows them to retain the copyright of any content they post on the site as well as protect their rights to privacy. About this hoax Facebook says:
There is a rumor circulating that Facebook is making a change related to ownership of users’ information or the content they post to the site. This is false. Anyone who uses Facebook owns and controls the content and information they post, as stated in our terms. They control how that content and information is shared. That is our policy, and it always has been.
What to do if you get suckered
If, for some reason, you fall for one if these scams, make sure to remove any references to it from your profile and delete any bad app that has attached itself to your Facebook account. Do that by going to the small arrow on the top right of your screen, then Account Settings > Apps. Also, check whether you may have unknowingly “Liked” bogus sites or pages by going to your Timeline and clicking your “Likes” icon at the top of the page. Any Likes you don’t recognize? Unlike them.
For more information about the various ways you can get scammed on Facebook, visit the social network’s scam page.