Thursday, 02 June 2011 17:19
Last Updated on Thursday, 09 June 2011 16:24
Written by David Lash
Anyone using Facebook should know how to keep your account safe. Fortunately, Facebook has a Page chalked full of useful information on how to do just that. I've included from their website, some of the common threats below that Facebook users experience. This is well worth the read!
Certain malicious websites contain code that can make your browser take action without your knowledge or consent. Clicking on a link on one of these websites might cause the website to be posted to your Facebook profile, for example. Don't click on strange links, even if they're from friends, and notify the person if you see something suspicious.
Koobface
Koobface is a computer worm that targets Facebook and other social networking websites. It spreads on Facebook by sending messages and making wall posts on behalf of the infected user. These messages contain a link, which will prompt you to download and install a newer version of Adobe Flash player. However, this download actually contains a malicious file that, once opened, uses your Facebook account to continue posting this malicious link on your behalf, thus spreading the virus. Right now, only Windows users can be infected by Koobface. Once you are infected:
You may receive pop ups asking you to install "security software" which is fraudulent.
Websites you visit through Google may be replaced with fraudulent websites, making money for the bad guys.
If you develop websites, passwords to your website may be stolen by the virus.
If you think your computer has been infected with Koobface, click here. For more information about the virus or how to keep your account secure, click here.
Spammy Wall Posts, Inbox Messages, and Chat Messages
When criminals gain access to a Facebook account, they usually post spammy comments on friends’ Walls, or send spammy messages through Inbox or Chat. These messages ask you to click on a link and often try to entice you by claiming there’s a new photo or video of you somewhere on the Internet that you need to check out. The link then takes you to a phishing site that asks you to enter your login information, or amalware site that prompts you to download malicious software.
Don’t click on strange links in posts or messages, even if they’re from friends. If it seems weird for an old friend to write on your Wall or send you a message, it’s possible that the person’s account has been taken over by a spammer. Be particularly cautious of posts or messages that contain misspellings or use bad grammar.
Spammy Groups and Pages
Spammers sometimes create groups and Pages that claim you'll win a prize or gain access to special Facebook or application features if you first invite all of your friends. These groups and Pages may even ask you to copy code into your browser address bar to automatically send invitations or suggestions.
Be wary of groups and Pages with offers that seem too good to be true, especially if they ask you to provide personal information on another site or spam your friends with invites in order to qualify.
If you come across a group or Page that you think is a scam, report it to us by clicking on the report link in the bottom left of the page.
Money Transfer Scams
Scammers sometimes post status updates, or send Inbox or Chat messages, from a friend’s account claiming that the friend is in some difficult situation and in need of money. These messages ask you to help by wiring funds through a money transfer service.
Never send money without first verifying the story through some other means, such as by talking to the person over the phone. If a friend’s account has been taken over, contact us so that we can block access. If you've sent money, report it to the money transfer service, and, if you’re in the United States, theFederal Trade Commission or the Federal Bureau of Investigation. You’ll find more tips and a complete transcript of a real conversation with a scammer here.
Fake Notification Emails
Spammers and scammers sometimes send phony emails that have been made to look like they’re from Facebook or another reputable website. These emails can be very convincing, and the “From:” field can even be spoofed to include “Facebook” or “The Facebook Team.”
If an email looks strange, don’t click on any of the links in it, and delete it from your inbox immediately. Be especially wary of emails that ask you to update your account, tell you to open an attachment, or warn you to take some other urgent action.
Chain Letters and Messages from Phony Facebook Employees
You might occasionally see a status update or message making some claim about Facebook and urging you to take an action. Examples include:
Facebook is becoming overpopulated.
Facebook is going to start charging money.
Certain users have special access to profile information.
Facebook is selling your data.
Sometimes, these come from people claiming to be Facebook employees who then ask you to provide your password or other personal information.
If a status update or message doesn’t look right, don’t believe it. Disregard it, and tell your friends that it’s phony. If someone pretending to be a Facebook employee asks you for your password, don’t give it out, and report the person immediately by clicking the report link either on the message or the person's profile.
For more information about Facebook site governance and privacy, check out these documents:
Facebook has strict policies for developers to help make sure that applications don’t misuse your data. While most applications play by the rules, you may occasionally come across one that doesn’t quite look right.
Use caution when interacting with applications. If you think an application is violating our policies, report it to us through the link on the application’s About page. You may also want to block the application by clicking the “Block” link on its About page.
