Spam is everywhere and Facebook is no exception. In fact, spammers are constantly stepping up their game by tricking unsuspecting Facebook users to participate in quizzes, games, apps, or "new features" that are actually dangerous computer viruses, spyware, or other trojan horses in disguise. Their attempts even trick people into unknowingly becoming spammers themselves.
One semi-recent example is the Facebook "dislike" button, a tool that did not exist. There were scam reports of users being invited to download the button, which led to a rogue application that could gain access to profile information and even post more spam messages in your name. It was also reported that these invite links would lead to online surveys, which the spammers were paid for.
The latest scam invading the walls of the popular Social Network claims to have a tool that allows you to see who's been viewing your Facebook profile. One conspicuous example of this type of spam manifests its self by posting the following suspect message to every friend of its victims:
"OMG! Its unbelievable now you can get to know who views your facebook profile.. i can see my top profile visitors and i am so shocked that my EX is still creeping my profile every hour. click below".
Another example looks like this:
More common spam contains links to free iPads or whatever the hottest new item on the market is—seemingly posted by your friends who give it a ringing endorsement. But more than likely, if it's a link to something too good to be true, it's spam.
Some more recent spam even asks you to copy and paste code into your URL address bar. This is obviously something to avoid. I've asked our own CTO here at WonderHowTo, Bryan Crow, to give some insight into how to detect what's safe, and what's not. This is what he had to say:
If I were to guess, I'd say that 99.99% of bookmarklets that ask you to execute them on Facebook, eBay, Gmail, or any other "secured" site that contains personal information about you, are most likely sneaky ploys to steal information about you without your knowledge. It's possible that they'll also act on your behalf in the future by spamming your friends, asking them to install it, or worse—by secretly making you load another webpage in the background that makes them money—maybe even prompting you to install some cleverly disguised spyware.
Bottom line is, if you're ever sent to a webpage asking you to copy and paste the included code in the address bar on any of your Facebook pages (as in the below image), you can be pretty sure it's a scam.
Spam links (for tools that promise to reveal Facebook page "stalkers", etc.) can also be bookmarklets in the form of hyperlinks, a quicker version of the above instance. But most times they'll just be links to online surveys or malicious spyware.
If at any time you're asked to "sign back into Facebook" in order to watch a video, take a survey, or play a game, it's a telltale sign that the site you're on is phishing for your password. Real Facebook accounts can sell for big bucks on the internet black market. Don't be fooled into handing over the keys.
Legitimate sites that allow you to login using Facebook connect will open a window where the URL in the address bar will start with "facebook.com" as the domain name when they prompt you to authenticate. Never type your Facebook password in a web page if the address bar shows any other domain name. If you're already logged into Facebook, a site that uses Facebook connect won't prompt you for your password. It'll just ask you to grant it permission.
If a link to a survey happens to be to an app, and if you're not sure you trust it, simply deny it access to your information. Just remember, any time you click the allow button, you're giving that app permission to access any information you've posted about yourself on your Facebook profile. That doesn't necessarily mean the app will do anything with it. But if you're unsure of the source, it's better to be safe than sorry.
For more ways to protect yourself from harm on Facebook, check out our article on protecting your Facebook profile.