Did you know that as of the end of the first quarter of 2014 there were 1.28 billion active Facebook users (users who log in once a month)? That’s right, about a fifth of the world’s population is on Facebook. This large population base makes a pretty big target for spammers and other malicious users. Because of this, it is a good idea to acquaint yourself with the most common spam and malicious tactics used on this social media platform.
1. Statistics on Profile visits
Spend enough time on Facebook and you will likely see this type of post on your Timeline. The post usually shows itself off as an app that allows users to see who has been viewing their personal profile, or the statistics related to profile views. There is also a link to click to either go to a site or install an app.
These posts look legitimate, but Facebook doesn’t actually allow these apps, so clicking on them usually leads to malicious apps or sites. As some of these posts contain links to Facebook apps, you will be asked to grant the app permissions such as access to personal data, friends lists, etc. These apps won’t work, but they do give the developer access to your information, which could then be used to start other malicious hacks.
2. Changing the color of your Profile
With the wide range of apps, devices, and other tech available to us, developers are often keen to offer users the ability to customize how their app looks. For example, you may have applied your own themes or changed icons in your browser. Therefore, it makes sense that some users might want to change the color of their Facebook Profile from the standard blue that everyone uses.
There are apps out there that supposedly allow you to do this. However, Facebook doesn’t allow users to customize the color of their Profile – it’s blue for everyone. Therefore, the apps and links that supposedly allow you to change the color are fake and likely related to spam or malicious content. It’s best to not click on the links in these posts, or install apps that say they allow you to do this customization.
3. Check if a friend has deleted/unfriended you
This post seems to come up every six months or so on Facebook. Like the statistics on Profile visits, apps claiming to allow you to check if you have been unfriended are fake. The biggest giveaway that this is a fake app or post is the wording. When someone doesn’t want to be connected with you on Facebook, they will ‘unfriend’ you, not ‘delete’ you as these posts often claim. Needless to say, it is best to refrain from clicking on these links and apps.
4. Free stuff from Facebook
If you are a Facebook fan then you might like a free Facebook t-shirt, hat, water bottle, etc. There is a known post that shows up from time to time declaring that Facebook is giving away free stuff, and that if you click on the link in the post you too can get hold of some freebies.
Facebook does not usually give away stuff via network posts. Those people you see walking around with Facebook apparel usually either work for the company, had it printed themselves, or attended a Facebook event. Therefore, if you see these posts, don’t click on the link.
5. Revealing pics or videos of celebrities
With all the recent leaks of celebrity photos and videos, you can be sure that posts popping up on your News Feed with links to these types of images and videos will become increasingly common.
Not only is this obscene, the posts are 100% fake. Clicking on any of the links will likely take you to a site with ‘files’ that you need to download. The issue is, these files are actually malware and can pose a serious security risk.
As a general rule of thumb: Don’t click on any links in posts connected to celebrities and revealing images or videos.
What can I do about these posts?
These tips are mainly for individual Facebook users, as these are the people hackers and spammers target the most. How is this an issue for your business? Well, if an employee is browsing Facebook at work and clicks on one of the links in posts like the ones above, there is a good chance they could introduce malware into your systems and networks.
Therefore, you might want to educate your employees about common Facebook security threats like the ones above. Beyond this, you should encourage everyone to take the following steps when they do come across content like this:
- Click the grey arrow at the top-right of the post.
- Select I don’t want to see this.
- Click Report this Post.
This will ensure that the post itself is deleted and that the content is reported to Facebook for follow-up. Usually, if there are enough reports, Facebook will look into the content and likely ban the user.