Skip to Content

Stay safe on your FACEBOOK!

Facebook logo (c) copyright facebook.comFacebook is a social network phenomena used widely by a vast number of people on a daily basis. Many users of this social network had already experienced some form of fraudulent activity in one way or the other. Even if the fraudsters aren’t trying to gain any money directly from you, they can still use you to their benefit in other more sophisticated ways. One of the most obvious ways to do so is promoting websites or products on Facebook without your consent or knowledge. These people earn real money for advertising services that they provide to companies whose products or websites they promote. The outcomes of such activities are likes of pages that you have never heard off nor clicked ‘like’ but they still appear on your profile page.

Symptoms

Usually such fraudsters create fake web sites. The names of such web sites are not known to anyone, normally just a random word followed by .NET, .COM etc. domain name. They tend to use non English language in their websites as then English speaking people are unable to assess the content of such malicious websites.

Usually such adverts appear on your Facebook wall when your friends chose to share them. Unfortunately many people who do that do not have sufficient knowledge to identify the fraudulent content and effectively all they do is just help spreading it.

How to recognize the following pages

These adverts are normally linked to a website that is outside of the Facebook. When clicked you would be redirected to a website that contains some shocking, intriguing or unbelievable news articles, for example: some terrible accident or naked photos of a well-known celebrity or film star etc. Usually such articles will not be published anywhere else by any trusted and well known news websites.

Sometimes visiting such websites you will be asked to participate in some challenge. For example you will be shown a bunch of buttons and you'll be asked to click them in certain order. It will explain that the reason for that is to prove that you are a real person. Not all of such malicious websites offer to press bunch of buttons, some of them just offer to watch a video and when you click “play” button it actually does much more than just show the video.

Note that in all cases you will find yourself being redirected to a different website outside Facebook. That is because Facebook has strict rules and such activities are not permitted in any form on this social network.

Consequences

By pressing such various buttons you actually press “like” for a webpage you are totally unaware of! Sometimes you don’t even have to press anything, just visiting such websites can be enough for client side scripts, such as javascript to automatically invoke ‘like’s on web pages you did not even see. In this way you can start to like totally unknown webpages that can be completely against your views or support some illegal activities etc... Such websites can be about anything and because you have been tricked to like it - your friends and family members will see it on your Facebook wall.

Measures

  1. Spend some time to check every liked page on your facebook account and remove all unknown pages. Also you may mark these unknown pages as spam.

  2. Try to browse such pages when you are disconnected from Facebook, typically such pages ask you to connect to you Facebook account and don't show anything until this condition is satisfied.

  3. If you are on a suspicious webpage that offers to watch a video, especially if it is YouTube video, before making any other action try to right-click on the video area and check menu items. In a regular YouTube player menu you will find „Copy video URL” menu item. Some pages show the image of YouTube player but when you click on “play” button it activates liking of some malicious webpages by Facebook and only then loads and plays video content. If after right-click you do not see flash or YouTube flash player menu it is better not to risk watching the video. If this right-click menu is disabled with some scripts it is also a sign of malicious activities by this website.

Firefox + NOSCRIPT

One of most secure ways to browse websites is to use Firefox web browser with some add-ons. Best add-on for this is NOSCRIPT. This add-on will automatically disable any scripts, like javascript on all websites and user will have an option to enable these scripts manually. Enable these scripts on trusted and well known websites only!