Petronella Blog Archive

Recognizing Scams on Facebook

You know those too-good-to-be-true offers on Facebook, or those statuses you just MUST click on to read? A lot of those are scams meant to capture your information or even infect your computer with malware. Here's a detailed look at how to recognize a Facebook scam.

The first step is to lure you in. This can be done with a sensational headline, maybe something like "OMG - You won't believe what she did in the locker room!!!" Another tactic is a giveaway, such as a free iPad if you take a survey. Another popular type purports to add features to Facebook, like the ability to see who's clicked on your profile.

Once you're baited and you click on the link, you're asked to take another step. You might have to install an app, take a survey or download and play a game. Sometimes just clicking the link can automatically do these things and even share the link to your own timeline, perpetuating the scam. This is called "clickjacking."

Once you've jumped through the hoops of completing a survey or playing a game (ostensibly to prove you're a human), you'd expect to get your prize, like your iPad or the story about what "she" did in the locker room. But no. Instead, you've just given away personal information that will be sold to marketers or maybe even identity thieves, or downloaded malware.

So what do you do if this has happened?  

  • First of all, make sure the scam isn't perpetuated on your own timeline. Delete that sucker as quickly as you can so your friends don't fall victim to it as well. Go ahead and post a message on your wall warning about the scam.
  • Next, you should change your Facebook password, just in case you accidentally gave it away.  
  • Check the list of applications installed on your Facebook account and make sure to remove any that look like they have to do with the scam you were just subject to.
  • Run any malware scanner you have to make sure your system is clean.
  • Enable two-factor authentication for Facebook (and really, you should do this for Twitter, Google and any other services you use that offer it). This way, if your account information has been compromised, you'll know if someone is trying to do anything with your account.
  • Sign up for identity protection.  We highly recommend LegalShield and GuardedID.