Everyone loves Facebook. It’s fun, it’s useful, and it can be downright addicting. Thanks to its ever increasing popularity it can also be dangerous. Hackers and scammers are well aware of the large audience on Facebook and do what they can to take advantage of it. Here are a few of the ways they do so:
Third party apps are huge on Facebook. You can play games like Mafia Wars, FarmTown, YoVille, and Scrabble with your friends and send them virtual drinks, flowers, snacks, bumper stickers, and more. Unfortunately, since Facebook doesn’t have any kind of verification system in place for its app developers (it’s as lax as Apple’s App Store is strict!) it is easy for scammers to distribute malicious apps.
The result? Apps like “Error Check System” which sent users a notification that said “(Name of Friend) has faced some errors when checking your profile. Click here to view the error message.” Anyone who did find themselves presented with a page asking them to install an “error checking” app, which is actually a piece of spyware. Once installed, it spammed everyone on the person’s friends list with the same fake notification.
Other rogue apps that are similar include “Secret Crush” which sent a notification telling you one of your friends has a crush on you and to click to find out who, and “Facebook-Closing Down!!” which sent a particularly upsetting fake notification that stated “(Name of Friend) reported your profile to Facebook for a TOS violation. Click here for info.” Needless to say it caused a lot of anger, hurt feelings and defriending before people realized it was all fake. While these apps were eventually shut down, similar new ones pop up all the time.
Sometimes legit apps can become compromised as well. A few weeks ago the wildly popular FarmTown app, which lets users tend to a virtual farm, sell crops, and chat with other farmers, began redirecting users to a site serving up a fake anti-virus program, also known as scareware. It appears that the ad network serving ads in the game was poisoned with a malicious banner ad and was responsible, not the app developers.
Speaking of rogue apps, there is a malcious ad on Facebook that is also a rogue app and is perhaps the biggest scam on the entire site. The IQ Test. It looks like one of the many quiz apps that are wildly popular among Facebook users. Banners around the site challenge you to see if you bet your friend’s results. Some are downright insulting, informing you that “4 of your friends think you’re an idiot!”
The quiz looks perfectly legit until you reach the end and expect your results. Instead it demands that you hand over your cell phone number if you want to find out how you did. Those that do find themselves subscribed to a premium SMS service that sends horoscopes and other junk text messages to them and charges their cell phone bills $9.99 and up a month. It doesn’t ask you if you want to subscribe, give you any other way to get your quiz results, or make the fees clear. Very sleazy. It’s disappointing that Facebook allows this outfit to continue to post their scam “quiz” all over the site. Say what you will about Apple’s App Store, but at least you know the apps are not going to spam, scam, or hack you.
How to keep your shields up
How do you protect yourself? First off don’t click on any banner ads inviting you to challenge your friends or that inform you that someone thinks you’re an idiot/has a crush on you/hates you. Be careful about what apps you chose to install as well. If you get a notification saying a specific friend reported you, found errors on your profile, or anything else that seems odd, don’t click. Ask that friend directly! If you find a message on your wall from a friend telling you you were caught on a hidden cam or just have to see this awesome video, delete it and let your friend know they’ve got the Koobface virus. Also beware of any vague notifications that say “Someone thinks you’re awesome/sent you a gift/has a crush on you” etc as they are likely from rogue apps.
Facebook is a great site. It’s a valuable networking tool, a great way for far flung friends and family to stay in touch, and just plain fun. However, until they realize they need exercise a lot more control over what third party apps are allowed and put better security measures in place, it’s up to you to stay aware and protect yourself.