Facebook has filed a law suit a firm who, they say, bombarded users with clickjacking scams that earned $ 1.2 million a month.
Naked Security – Sophos
Tag: Facebook
Supermarket chain Tesco has warned its customers about a scam that has spread on Facebook, claiming that attending an event on the social network can will earn them a free £250 gift voucher.
Naked Security – Sophos
Should there be a minimum age before you can use social networks or have a web email account?
Under Google and Facebook’s terms of services, you have to be at least 13 years old. However, plenty of even younger girls and boys are probably using the systems – with or without the knowledge of their parents.
Naked Security – Sophos
The settlement addresses charges that the company misled users about how it would use their personal information. Facebook would be required to obtain user consent before making “material retroactive changes” but wouldn’t have to change current policies.
Naked Security – Sophos
Scammers have put a new spin on an old Facebook scam, claiming that a girl killed herself on Halloween after her father posted a message on her wall.
Naked Security – Sophos
Facebook users are tricked into believing that they can play Mario Kart on the social network.
In reality, they’re helping to put money into the pockets of scammers.
Naked Security – Sophos
If you want a rumour to go into overdrive, then Facebook is the place to kick things off.
A message is being shared widely between Facebook users, telling dog owners to be careful if they take their pet to the park – as there might be pieces of cheese lying around containing nails. But what are the real facts?
Naked Security – Sophos
Will Facebook start charging due to the new profile changes?
No.
But don’t let the truth get in the way of a good old-fashioned chain letter, spreading like billy-o across the social network. Read more…
Naked Security – Sophos
If you’re a Facebook user, please repeat after me:
Facebook doesn't let you track who is viewing your profile.
Third-party Facebook apps aren't allowed to do it either, and if they claim to offer the ability they are banned from Facebook.
Don’t believe me? Here is the official word on the issue from Facebook itself:
And yet, we continue to see scams spread far and wide across Facebook claiming to offer the functionality.
See this example, for instance, which tags a photograph of a woman sunbathing in her bikini with the names of Facebook users.
Because the photograph has been tagged with the names of Facebook users, they will see it appear in their newsfeed and will – no doubt – be curious to find out more.
A comment on the photograph claims to point to a way for Facebook users to see who has been viewing their profile. The girl in the bikini was being used as tempting bait, just to bring traffic towards that link.
(You’re probably thinking by now – wouldn’t it be nice if Facebook gave its users the ability to opt-out of all photo tagging? Of choosing to never want to be tagged in a photo without their permission? And yes, it would be a very good idea – but Facebook seems less than keen to implement it).
If you’re foolhardy enough to click on the link, you are taken through the process of adding a third party application – handing it the keys, effectively, to your profile and authorising it to post messages, photos and notes to your Facebook wall.
Of course, if you give it such permission it will simply perpetuate the scam – spreading it onto your friends using your and their names.
The purpose of all this subterfuge? To trick you into taking an online survey – which earns commission for the scammers.
Remember – you should always think twice (and maybe three times!) before allowing an application to access your Facebook profile, as there are many rogue apps designed purely to make money for the scammers and spread their viral schemes to as many users as possible.
Photo tagging pictures of women wearing bikinis isn’t the only way that the scammers bring traffic to their campaigns, of course. They still find old faithfuls, such as viral status messages, an effective means to spread enticing news of a way to view who has been viewing your profile.
Here’s just such a scam spreading on Facebook as I write:
WOW l cant believe that u can see who ls viewing your profile! l just checked my TOP profile visitors and l am SHOCKED at who ls still checking my profile! You can also see WHO VIEWED YOUR PROFILE here: [LINK]
Make sure that you stay informed about the latest scams spreading fast across Facebook and other internet attacks. Join the Sophos Facebook page, where more than 100,000 people regularly share information on threats and discuss the latest security news.
You could also do a lot worse than check out our best practices for better privacy and security on Facebook guide.
Hat-tip: Thanks to Naked Security reader Heidi for first alerting us to the bikini photo-tagging scam by sending us a tip
I’m sitting here in a hotel working on a Request For Proposal for full disk encryption while listening to a movie in the background. (It helps me think.) I take a peek at the Facebook feeds and, lo and behold, my wife is blasting out some fresh Facebook privacy angst!
Keep in mind, she’s not a security pro and can barely spell HTML. To see her concerns about what you are about to read will surely evoke some emotion:
Her Facebook post contains the steps you need to take to reveal the mobile numbers of your friends along with anyone you are friends with that you really don’t know. I provided a link to the Facebook URL at the bottom of this article.
In the event you feel that this is not a privacy risk, let’s put this into prespective based on how I use Facebook.
I have just under 1,400 Facebook friends. Most of them are a result of playing, dare I admit, Mafia Wars. Even though I stopped playing over a year ago, I still have lots of Facebook friends as a result.
I clicked on ‘Account’ -> ‘Edit friends’ -> ‘Contacts’ – and there they were: the mobile numbers of 213 friends. I estimated that about fifteen are people I know well, and a good number more are former or current colleagues.
I compiled a list of graphics pointing to some of my Facebook friends whose mobile numbers are now visible to me, even though they almost never intended to share them. I smudged their mobile numbers to respect their privacy.
My advice is to follow the steps given by Facebook to remove your mobile number and to prevent others from seeing yours.
Facebook! The social network wars are hot, and aren’t waning! If-self preservation is on your agenda, upsetting users such as Jenny is not the way forward.
Most of your users are much like Jenny. She treasures her privacy; so should you.
Asking your users to opt in when new features and services become available is a much better approach to keep them happy and using your serices than forcing them to opt out.
Thanks for listening. Until next time, stay secure.
