ALERT: 4 Ways That Spam Creeps Onto Facebook

Don't be fooled by the latest hijacking scheme that displays a Facebook security icon and a warning that you need to verify your account.

You’ve probably seen hijacked accounts that message you with “I can’t believe they said that about you” and a link to spam. A scam we discovered this morning ups the ante with the inclusion of a Facebook security icon and a warning that you need to verify your account.

This clickjacking scheme replaces the compromised account’s main photo with the logo for “Facebook Security” while retaining your friend’s name.

If you click on the link, it then infects your account, causing you to mass message all your friends with the same ploy.

In the same way that spammers have tricked Google’s PageRank to rank well in Google search results, might they trick Facebook’s EdgeRank to get more newsfeed exposure on Facebook? In short, not likely. So let’s cover the main points of vulnerability.

Users Tricking You Into Clicking On Things

While methods such as likejacking still exist, the concept of likes being links doesn’t quite translate into social. EdgeRank is based upon what your friends are doing. The folks you interact with the most get the most exposure in your news feed.

So a spammer who creates an army of bots liking each other will only impact the news feeds of the other bots, which is useless. In Google, link farms and low-quality sites linking to you will bump up rankings.

But on Facebook, you’re probably not going to accept friend requests from a bunch of fake profiles. And if you incessantly like things, friends will soon become un-friends.

So spammers (obnoxious friends included) can’t really use profiles to get you. You can turn them down or block them.

Only real human beings can get through. The other day, a chat message from a friend popped up, asking me to wire him money, as he was stuck in London and needed money for a flight home. Obviously, it wasn’t my friend, but a spammer who compromised his account. I asked him a question about Facebook EdgeRank, as my real friend would have known the answer, just to prove it was a phony. Busted.

Apps You Give Permission To Act On Your Behalf

If an app can get you to accept its permissions, you might be accidentally conned into installing an app that auto-invites all your friends, a birthday app that tags all your friends on a calendar, or an open graph app that tells everyone what you’re reading, watching, or listening to right now.

But Facebook usually bans apps that are abusive here based on a certain number of people providing negative feedback.

And the game-spam is largely dead (“John Smith just reached Level 14 in SpamVille. Give him some coins!”), as canvas app usage falls. Same with the pictures of dead puppies, top 10 lists, and “Bill Gates wants to give you $100” schemes.

Brand Pages That Overpromote Themselves

Brands may post more frequently, build apps, run ads, or give away stuff. In spite of that, they are getting less exposure in the news feed, while ad prices are going up.

Facebook’s EdgeRank algorithm has muzzled most brands because they are not as engaging as that user’s own friends, which sets the bar high. It’s this same algorithm that protects users from any other kind of unwanted, irrelevant messaging (the definition of spam).

Facebook Displays More Ads Than Ever

Yesterday, we counted nine ads on the homepage — seven on the right side and two of them in the newsfeed.

Sure, some people will complain, but consider that Google has been showing ten ads for years, as well as ads on mobile devices. And some folks might even complain that their own actions are being turned into sponsored stories shown to friends.