Home / Insights / How To Protect Yourself From Facebook Scams

How To Protect Yourself From Facebook Scams

Vangie Beal
Last Updated May 24, 2021 8:01 am

With more than 1.06 billion monthly active users it should come as no surprise that Facebook is a ripe playground for scams, malicious spam and malware to infiltrate.

What Is Facebook Spam?

No SpamThe pool of potential victims grow as more people go online and create a Facebook profile. With more than 1.06 billion monthly active users (as reported by CNet in January, 2013) it should come as no surprise that Facebook is a social playground for phishing scams, malicious spam and malware to infiltrate.

For those who work and play online, spam is unavoidable but it’s a nuisance and, more importantly, it’s a potential threat to your privacy and computer system. In email we see fake advertisements and phishing scams and this kind of spam also make the rounds through Facebook and other social networking sites.

How to Protect Your Facebook Account from Spam and Scams

On Facebook, if you do not immediately recognize bogus inbox and Wall posts you could inadvertently open your account, your computer and your friends to the malicious scam without even knowing it.

Like email spam, one way to stop Facebook spam from spreading is to learn about it, malware and phishing messages. Know how to spot them and also familiarize yourself with how these Facebook spam messages work.

Recommended Webopedia Spam and Malicious Software Definitions:

Facebook Wall Spam

One of the most common types of Facebook spam is a Wall post that encourages you to install a Facebook application. The application will require that you to agree to allow the application to post on your Wall and your friend’s Facebook Wall. When you allow this authorization, the spam message is immediately sent to your friend’s Walls. If a friend sees the message and performs the action, he or she will then see the same spam on their Wall and the cycle continues. This is how spam messages can move so quickly through Facebook.

Unfortunately, many of these messages are designed to trick Facebook users into cutting and pasting malicious code into the address bar in the Web browser or by clicking an embedded link in the message that takes you off Facebook (commonly through a URL shortener link) where you could potentially become victim to malicious malware and phishing scams.

Facebook does have a number of security controls in place and the system is able to detect many of these types of messages before they become rampant on Facebook. In some instances you may be asked to verify a “Like” or you may see a warning that a link you are trying to visit has been classified as potentially abusive by Facebook.

An Example Facebook Scam: ‘Enable Dislike Button’

This month a new Facebook scam started circulating. This scam usedpeople’s desire for a “Facebook Dislike” button to spread the scam. The message indicates that Facebook has a new Dislike button. Clicking on the link will forward the message to your friend’s Facebook Wall and run unwanted JavaScript on your computer.

Facebook Scam: Enable Dislike

(Read more about this scam on the Sophos Blog)

7 Tips to Avoid Being Tricked by a Facebook Wall Scam

Being aware is the only way you can prevent these messages from spreading. Learn what to look for to determine if a Wall post or inbox message is a legitimate message from a friend or spam. The following tips will help you to learn the difference between spam and legit messages.

1. Look at the message.Is it of the same value as other messages this friend would typically post? For example, if your friend is a professional acquaintance and you see a message like “OMG! Look at this video” on your Wall, chances are the message was not intentionally sent by your friend. If the message seems out of character for your friend who posted it, then do not click the link.

2. Look in your Facebook news feed.Are you suddenly seeing this message appear multiple times? If so, chances are it is a scam that is being sent through automated means.

3. Pay attention to the authorization requests for any apps you install.For example, to view a video a Facebook app shouldn’t need to access all of your information or need permission to post to your Wall and your friend’s wall. Always investigate those apps that ask permission to post on your Facebook Wall and your friend’s Wall.

4. Be wary when a message on your Wall contains short links from friends who don’t usually post links on your Wall. This also is another form of the message being “out of character” for your Facebook friend.

5. Always verify URLs before clicking. In video spam messages, for example, the message indicates you will go to YouTube to watch the video. If you move the mouse cursor over the link (but do not click it) look at the details of the link in the footer of your browser. This will show you a URL that may look similar to YouTube but is not the real YoueTube.com Web address.

6. If you click the link and are greeted by an unfamiliar screen and a page you were not expecting, do not click any links or icons on that page.

7. The golden rule: If the message looks suspicious delete it from your Facebook Wall. As you move your mouse cursor to the top right area of the Wall post an X will appear. Highlight the X and you will see an option to Remove the post.

How to Remove a Malicious Facebook App

If you didn’t recognize the Facebook message was spam and you clicked “Like” or have installed the app, there are a couple things you can do to remove it.

First, make sure you have deleted the post of your Wall to prevent others from seeing the message, clicking “Like” and continuing to spread the malicious Facebook spam.

The next step is to remove the application from your Facebook account and revoke the access and authorization privileges you granted when adding the app. To do this, go in to your Facebook Account settings and remove the application. Here are the step-by-step instructions to complete this task:

From the top right-hand corner of your Facebook profile:

  • Click Account and select Privacy Settings.
  • The bottom left-corner of the Privacy Settings Page will have a link to Apps and Websites. Choose the Edit your settings link.
  • In the next screen you will see a list of the most recently accessed apps in your Facebook account. Select the malicious spam application from the list, Edit Settings and click Remove.

Be Proactive: Track Current Facebook Spam and Threats

There are a number of Web sites that track the latest Facebook scams and provide details on what’s behind the malicious Wall posts. You can check these Web sites periodically to stay on top of Facebook spam.


Recommended Reading: How do I avoid getting spammed?
This Webopedia slideshow will take you through the process of learning what email spam is and how to combat spam by following industry best practice tips.

This article was originally published on May 20, 2011