As Facebook has grown in popularity, it has also become a primary target for hackers and spammers. An increasing number of Facebook users are having their accounts compromised. Each newly compromised account is then used by the hackers and scammers to propagate their scam further. You don’t need to be an idiot to have your account compromised. If you are caught off guard for a second, you may accidentally fall for one of these scams. Learn how to protect yourself in this article.
1. IQ Quiz Ads
While Facebook has spent the past year trying to cut down on the number of misleading advertisements on the site, the fact remains that a small percentage of users still get duped into purchasing services they don’t really want. The IQ Quiz Scam has become ubiquitous on the Facebook Platform, and those users who install applications can expect to see an advertisement for an IQ Quiz Scam at some point. In December we covered one application developer who was using spammy techniques to get new users to install their application and ultimately click on the IQ Quiz advertisements.
As soon as you click on one of the ads, you’ll be brought to a site where you’re asked up to 10 questions which are relatively easy to answer. You will then be prompted to enter your phone number to view the results. Don’t enter your phone number! If you do, you will be charged upwards of $10 a week directly to your phone bill. While most phone companies are willing to refund you for your first purchase, they won’t do it after the first occurrence. That’s because the phone companies generate billions of dollars each year off of these types of transactions.
If you want to protect yourself from IQ quiz scams, do not enter your phone number into any sites outside of Facebook.
2. I’ve Been Robbed! Western Union Me Money!
You’re browsing around Facebook and suddenly one of your friends IMs you to tell you that they’re stuck in another country, they’ve been robbed, don’t have a wallet, and need money to get out of the country. It’s a horrible situation but what are the odds that they found a computer to log on to in order to instant message you? Even worse, what are the odds that one of your friends who was traveling abroad got robbed and wasn’t able to find anybody to help them out?
I’ve been with people who’ve lost their wallet abroad and needed to get money sent via Western Union; however, if the person can get access to Facebook, they probably can access a phone. While you should always help out your friends, you can avoid being duped by international fraudsters by asking your friend to call you in order to wire the money. Unless your friend is in the middle of a jungle in the Congo, they should be able to call you.
Most of the times that this happens, it is a scammer who has stolen your friend’s account and is systematically going through and IMing each of their friends to try and get money wired to them. Don’t fall for it!
3. Facebook Phishing Landing Pages
One of the most common ways Facebook accounts get compromised is through simple phishing scams. The way it works is that a user’s account is compromised by a hacker and the hacker then uses that account to automatically post links on each of that user’s friends’ walls. Sometimes the system will send messages to the friends such as “Check out this funny video of you!” with a link that redirects to a page with a fake Facebook login page (as pictured above).
It’s pretty straightforward and easy to avoid, yet countless people have fallen for this scam. The easiest way to tell if it’s a scam is by looking at the URL of the page you land on. The best way to protect yourself is, anytime you see a Facebook login page, to leave it and go to http://www.facebook.com in your browser. That way you can ensure you are logging in to the correct site.
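The URL check described above can be made precise: what matters is the host the browser actually connects to, read from the right-hand end, not whether "facebook.com" appears somewhere in the address. The following is an added example, not part of the original article; the trusted-domain list, the function name and every sample URL are constructed for illustration.

```javascript
// Added example, not from the original article. The trusted-domain list and
// all sample URLs below are constructed for illustration.
const TRUSTED_DOMAINS = ["facebook.com"];

// Returns { trusted, host, reason } for the URL of a page showing a login form.
function classifyLoginUrl(rawUrl) {
  let url;
  try {
    url = new URL(rawUrl); // WHATWG parser, the same rules browsers apply
  } catch (err) {
    return { trusted: false, host: null, reason: "not a parseable URL" };
  }
  if (url.protocol !== "http:" && url.protocol !== "https:") {
    return { trusted: false, host: null, reason: "unexpected scheme" };
  }
  // The parser lowercases the host and punycode-encodes non-ASCII lookalikes
  // (xn--...); strip the optional trailing root dot before comparing.
  const host = url.hostname.replace(/\.$/, "");
  // Match the registered domain from the right-hand end: the exact domain or
  // a subdomain of it. A substring or prefix match would accept lookalikes.
  const trusted = TRUSTED_DOMAINS.some(
    (d) => host === d || host.endsWith("." + d)
  );
  let reason = trusted ? "host is under a trusted domain" : "host is not Facebook";
  if (!trusted && url.username.includes("facebook")) {
    reason = "trusted name appears before '@', real host follows it";
  } else if (!trusted && host.includes("facebook")) {
    reason = "trusted name is only part of a different domain";
  }
  return { trusted, host, reason };
}

const SAMPLE_URLS = [
  "http://www.facebook.com/login.php",
  "https://WWW.Facebook.COM./login.php",
  "http://www.facebook.com.login.example/login.php",
  "http://www.facebook.com@login.example/login.php",
  "http://facebook.com-secure.example/login.php",
  "http://notfacebook.com/login.php",
];

for (const u of SAMPLE_URLS) {
  const r = classifyLoginUrl(u);
  console.log(`${r.trusted ? "OK" : "NO"} ${u} -> ${r.host} (${r.reason})`);
}
```

Only the first two sample URLs pass; the rest contain the trusted name but resolve to a different host.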
4. Koobface Worm That Automatically Hijacks Your Account
We’ve written about the Koobface worm on a number of occasions, and while Facebook has worked to aggressively prevent the worm, it continues to spread today. The scam is pretty straightforward. In the attack, a user will receive a message from what appears to be one of their friends. The message will say things like “Paris Hilton Tosses Dwarf On The Street; Examiners Caught Downloading Grades From The Internet; Hello; You must see it!!! LOL. My friend catched you on hidden cam; Is it really celebrity? Funny Moments” and many others.
Included in the message will be a link to a page which appears to be a YouTube video. If you click on the video, you will be prompted to “upgrade your Flash player now” and will then be asked to download a file which contains the Koobface worm. If you download and install the file, your computer will automatically log in to Facebook and send similar messages to your friends. The best way to avoid this scam is to avoid all links that are posted on your wall or in your inbox that are out of the ordinary. Also, never download a file after clicking on a link.
To learn more about the Koobface worm, check out the information at Kaspersky Lab.
5. Other Malware Applications And Links
While we’ve attempted to highlight the primary scams, hackers and scammers are constantly evolving their strategies to steal passwords and take over computers. The best thing to do is always be wary of strange links posted to your profile or inbox, and avoid downloading any files that you’re prompted to, no matter what. While many of the scams on Facebook are harmless to your computer, it’s important to protect yourself against any viruses and worms.
Some Facebook applications have used toolbars among other things to make money from their application. Some of these toolbars will significantly damage your computer. The bottom line is this: be on guard any time you see something suspicious. If you do happen to fall for a scam though, make sure to immediately change your password. If you aren’t able to access your account because you were phished and your password was reset, fill out this form.
Koobface icon via thingamatech