Like most Internet based companies, Facebook continues to take steps to ensure the safety of its users. Even with all the effort made by Facebook, no amount of Facebook security protocols will eliminate every scam and every hacker. Vulnerabilities will still persist regardless which is why the best protection seems to depend on user awareness. The majority of problem reports can most likely be avoided through proper user education. If users remain unaware of the current scams it leaves them unsuspecting and prime targets for malicious scams. Educating users to be aware the attacks while participating on social networking platforms could drastically help preserve the network integrity.
From http://www.Facebook.com, May 2011
The following are the top 4 Facebook scams that continue to plague user experience. These examples show that although Facebook is proactively implementing security precautions, flaws in their security remain. Once problems are identified Facebook should place a greater effort on expressing their concerns and warnings to the users rather than letting their users discover the problem first hand. Even though many users may have heard of these scams it was probably not directly from Facebook but instead from other websites blogs or from other users. For those of you that are hearing about them for the first time due to Facebook’s inability to properly educate the following 4 are the most prominent scams on Facebook today.
Click Hijacking:
For some, these messages may immediately appear to be scams but sometimes the offer is too enticing to refuse. Clickjacking calls for a user to copy and paste text into their browser search bar which infects the computer with malicious code. After a user unintentionally infects their computer the Clickjacker can use that account to distribute spam. Instead of Facebook identifying these types of messages and sending out a notice to users they leave it to the user to find out about it first-hand.
One example of Clickjacking is when a user receives a post from their friend saying “OMG OMG OMG This Really Works- See who has been looking at your Facebook Profile”. When a user clicks on that message it prompts them to complete a series of tasks that will inadvertently provide the Clickjacker access to the account. Another example is the “Free iPad” message that says “I can’t believe this, Apple is giving away 100 free iPads”. Both examples work similarly with the main intent on gaining access and spreading more spam.
Facebook is currently developing new protection protocols in partnership with the safe browsing tool Web of Trust (WOT) to create more awareness. The new policies will require users to provide confirmation while posting content on their wall as well as the walls of others. The new protection will take effect May 26, 2011 however many critics have criticized Facebook, stating that this only adds a small hurdle for spammers and does very little in the way of preventing future scams.
Bogus Surveys:
Some of the enticing messages users receive on Facebook will redirect users to an outside website site where there will be a survey. Typically this survey is required to participate in whatever the link originally offered. These sites usually have no intention to make good on the advertised offer and only serve to direct users to the survey page. These questionnaires are used to acquire user information and will frequently request a user’s phone number in order to complete the survey. Once the rogue survey obtains a user’s number it can be used to rack up charges and subscribe to bogus phone subscriptions.
Fake Pages:
Fake pages are used to influence users to perform negative actions on Facebook. For example the page may display a message claiming to offer a free prize if you post spam content on the walls of other users. The fake app often acts as a portal to a phishing and Clickjacking scheme or can lead to Facebook taking action against the innocent user for spam distribution.
Faulty Apps:
With all of the apps on Facebook users have become exposed to more and more malicious content. Rogue apps may look harmless at first but once a user grants the app permission to access their information it quickly becomes apparent just how damaging they can be. These types of applications can be used again for phishing schemes, malware dispersion, Clickjacking, money transfer schemes, and the spread of other spam content.
Like most malicious apps the “Facebook Shutdown Scam” app was one that gained the trust of users by pretending to be a direct message from Facebook. This scam would post an app informing users that Facebook is closing all inactive accounts and prompted them to “allow” the app if they want to keep their account active. Once the user agreed to accept this request they are immediately redirected to a site that scammers use to gain commission from. In addition the user has also inadvertently provided the scammer with full access to their user name, password, and account information.
These are just some of the more known scams, others include imitation friend request, phishing schemes, fake emails, phony messages, and forged money transfer requests. Scams can take on many forms so it’s important to be weary of what you access and what apps you use while on the social network. Whereas some of these scams may appear obvious many will remain subtle due to Facebook’s failure to properly generate user awareness. What a user should take away from this article is that it is equally important for you to do your own research and not to rely solely on Facebook to stay up-to-date with the latest security threats and scams.
A great way to keep up with the latest tech news is to read daily tech blogs like HuffPost Tech and Tech Crunch.
Thanks for reading!
Dustin
Tags: Facebook, fraud, malicious content, scam, social network, spam, spam content, Users
