Facebook Scams, Hoaxes, and Malware
by Rich Pasco
The social networking site Facebook is large enough to have attracted more than its share of scams, hoaxes, and malware. The same cautions should apply when using Facebook as when reading regular e-mail or outside web sites:
Remember your parents telling you not to accept candy from strangers? Facebook “Friend” requests are much like that candy. Remember, on the Internet, nothing is as it seems. That lonely, sexy young woman might just be a devious hacker hell-bent on identity theft or taking over your computer. Photos of lovely models are freely available online, so pictures do not necessarily represent the person behind the Facebook profile. A true friend is someone you know well enough to trust. Simply declaring someone a “Friend” on a social network does not make them one.
If you get a Friend request from someone you don't know, do not accept it right away. You might reply (with a private message) and politely ask that person how they know you. Don't accept it just because they have mutual friends of yours, because it may be that your friends fell for the scam, too. You might message your friends and ask them how they know that person. If they don't know him either, then send them a link to this page.
One reason it is dangerous is that once the person is your “Friend,” he has access to all the information you have posted just for your friends. It is even easier for him to create a duplicate profile and then befriend all your friends, and so on. See “The Duplicate Profile” below. Another is that you might trust them and then fall victim to one of the hacks to take over your computer (see my article “Every Trick in the Book”).
Another scenario: You didn't know it, but that beautiful, lonely 26-year-old woman who sent you a friend request last week is really a 45-year-old male burglar. And by posting your vacation pictures as you travel, you've just told him that your home is available for his picking.
An example phony profile: “Comfort Mylla”
I got a Friend request from “Comfort Mylla” on Thursday, January 28, 2016. It was a new account with no history before the profile picture update notice below (see the “his” in it), and only a few friends, all older men.
I put the photo into Google Images and found the net awash with that same picture attached to phony profiles at various dating sites. So naturally I declined the request. In fact, I never accept Friend requests from people I don't already know.
I sent “Comfort” a private message explaining that I only accept Friend requests from people I already know. In an attempt to convince me of her sincerity, “she” sent me a few more pictures, which matched other shots of “Danielle” from the Danielle FTV site at the first link above. When I asked about that, she said she used to be a model under the assumed name Danielle, but returned to Ghana to care for her ailing mum. Sure, right.
So I reported the profile as per the instructions under “How to Report a phony profile” below. Here is the result:
Another phony profile: “Mary Cusack”
When I opened my Facebook account on Friday, January 6, 2017, I had a Friend request from a beautiful, sexy twenty-something young woman with a brand-new Facebook account and absolutely no other Facebook friends. Eager to learn more about her, I right-clicked on her profile photo and chose “Copy Image Location.” Then I went to Google Images, opened their “search by image” feature, pasted the link and found several articles about “The ‘Yahoo Boys’ in Nigeria.” So I pulled down the menu on my new friend's profile and chose “report this profile” and “this is a fake account.” Facebook took it down promptly.
For More Information
Hackers copy your name and your profile picture and create a new Facebook account. They send Friend requests to all of your Friends. Your friends think it is you, so they accept. From then on, the hackers can say and post whatever they want under your name.
Hacked vs. Cloned (or Spoofed)
Please carefully distinguish between two terms:
Confusion between hacked and cloned profiles resulted in an e-mail virus claiming that hackers could post insulting messages ostensibly from you on your friends' “wall” (status timeline). As this article explains, any such messages may appear when your friends accept clones of your profile.
Configure your account so that your posts by default are visible only to your Friends, not to the general public. Your public profile should list only what is necessary for someone to recognize you.
Keep your Friends list non-public (so it is not publicly visible). While this won't stop a hacker from cloning your profile, it will reduce his motivation to do so, because then if he does, he can't send Friend requests to all your real Friends. How to do this is explained below.
If you have a Facebook account, use it! Post frequent status updates (with photos if possible) for your Friends' eyes, about what you're doing in your life. That way they will know they are your Friend and be less likely to accept a second Friend request. It will also make it easier to distinguish the real you from your clone (the hacker would have to copy your updates one by one, which would introduce a delay).
Periodically enter your name into the search box at the top of the Facebook screen. If you see a second profile with your name and profile picture, open it and report it as a fraud to the Facebook authorities.
Sadly, sometimes hackers will Block the account of the person whose identity they are stealing. (In Facebook, if you “block” a profile, you don't exist as far as that person is concerned. But the rest of the world can still see you.) In this case, you may have some success asking a friend to follow the above procedure on the duplicate account, except choosing “pretending to be someone I know” in the last step.
If you get a Friend request from someone you thought was already your friend, do not just Accept it. Instead, contact them (by a trusted means, not via the fake profile!) and ask about the duplicate. If they did not intend to create it, they should report it as above.
Note 1: Access Facebook via a web browser. I don't know how to report a phony profile from a cell phone's Facebook “app.” In fact, I don't think you can.
Note 2: These instructions assume the imposter has a full Facebook profile. Recently, some imposters have been creating Messenger-only accounts, without an associated Facebook profile. I don't know how to report them, yet.
It is a good idea to keep your list of Friends hidden from public view, for at least two reasons:
To do this:
Update March 19, 2018: Caution: The above steps are worthless if you explicitly grant a third party permission to access your Friends list. Today's news brings reports of a scandal where a voter harvesting scheme involved a personality quiz application which opened with a question like, “This app needs to access your Friends list, OK?” Many users clicked OK without understanding the implications of this action. For more on this scandal, see
When dealing with cloned accounts, it is helpful to note (on a piece of scratch paper, or in a temporary file) the subtly different URLs (web addresses) of the genuine and phony accounts. For example, my genuine URL is
Editorial Commentary
by Rich Pasco
It is indeed unfortunate that Facebook's default setting (what new users get if they don't deliberately change it otherwise) is for your list of Friends to be visible to the entire world. I think that this is dangerous, because it encourages hackers to publish impostor profiles and then send Friend requests to all the Friends of their victims. So I encourage everyone to change their settings to hide their list of Friends from public view. I really wish that Facebook would change their default for new accounts to make your Friends list visible to your Friends only, but of course nobody in charge there ever listens to me.
For More Information
If you get a private message via Facebook's Messenger component, apparently from a friend, with what looks like a link to a video, do not click on that link without first asking your friend what the link is about. It may be that your friend's account was compromised and the link is malicious. Or it may have come from an impostor who copied your friend's name and profile photo to create a phony clone account.
The general rule is, never click on a link received in any unsolicited message, even if apparently from a friend, without a clear understanding of exactly what is at that link. Ask your friend what's there and why he sent it to you!
For More Information
In November 2012 and again in January 2015, countless Facebook users began posting a notice to their profiles encouraging their friends to do the same, apparently rescinding the Terms and Conditions they agreed to by signing up for Facebook. This is a virus in that it tricks others into reproducing it, while being a worthless, misleading waste of time. Think about it:
For More Information
Graph App and Privacy
Since February 2013, there's another false “urban legend” going around on Facebook, claiming that their Graph App compromises user privacy. Read the truth by David Emery and on Snopes.
Your friend shares on his status/timeline what looks like a link to an interesting video (e.g. “Rowan Atkinson died in car crash” or “World's largest snake found in Brazil”), but when you click on it you get a message that says it is a restricted video and you must share it first in order to see it. Doesn't that seem strange? Personally, I share something after I have watched it, not before. If you do share it, you have become an accomplice in spreading this junk, just like your friend. Some examples follow:
RIP Mr. Bean
You see a post ostensibly announcing the death of a celebrity (in this example, Rowan Atkinson) and want to learn more, so you click on it. A seemingly legitimate news video starts playing, but then is interrupted by a “Security Check” pop-up, instructing you to Share the video to prove that you are over 18 in order to continue watching. How sharing the item would prove anything about your age escapes me, but if you do, you are led to more diversions, aimed at installing malicious software (malware) onto your computer, extracting your credit card number, or both.
World's Largest Snake
The link your friend shared leads to a page on a different domain than facebook.com, which is cleverly designed to resemble a Facebook page (which it is not). This too is a clue that it is fraudulent.
People who have persisted report that the process leads to a “survey” which asks for your cell phone number. If you provide it, you get signed up for a “service” which is then charged via your cell phone bill. Don't fall for it!
For More Information
The Phony Login Screen
You see what looks to be an interesting video, but when you click on the “play” icon, you get what looks like another Facebook login screen. Hey, weren't you already logged in to Facebook? You're looking at a phony screen—notice that its domain is not https://www.facebook.com/—and if you entered your login credentials (username and password) there, you would be putting them directly into the hands of a hacker!
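A defender-side illustration of the domain check this section (and the “World's Largest Snake” example above) relies on, added here and not part of the original article: it parses the URL shown on a supposed login screen and reports why any host other than https://www.facebook.com/ should be treated as phony, instead of trusting a look-alike string. The accepted-host list and the sample URLs are constructed for the example.

```python
from urllib.parse import urlsplit

# Hosts accepted as the genuine login page: the article's
# https://www.facebook.com/ plus two common aliases (constructed list).
GENUINE_HOSTS = {"www.facebook.com", "facebook.com", "m.facebook.com"}


def login_url_verdict(url: str) -> str:
    """Classify the URL shown on a supposed Facebook login screen.

    Returns "genuine" or a short reason the screen should be treated as phony.
    The decision is made on the parsed host, never on the raw string, so the
    usual look-alike tricks are caught instead of matched.
    """
    parts = urlsplit(url.strip())
    if parts.scheme.lower() != "https":
        return "not https"
    if parts.hostname is None:
        return "no host"
    # https://www.facebook.com@evil.example/ : the browser connects to the
    # host after the '@'; the text before it is ignored userinfo.
    if "@" in parts.netloc:
        return "userinfo trick: real host is " + parts.hostname
    host = parts.hostname.rstrip(".")  # .hostname is already lowercased
    if host in GENUINE_HOSTS:
        return "genuine"
    # Punycode labels (xn--...) can render as look-alike Unicode letters.
    if any(label.startswith("xn--") for label in host.split(".")):
        return "internationalized look-alike host: " + host
    # www.facebook.com.evil.example, facebook-login.example, and so on.
    if "facebook" in host:
        return "look-alike host: " + host
    return "unrelated host: " + host


if __name__ == "__main__":
    # Constructed sample URLs, as a phony page might display them.
    for sample in ("https://www.facebook.com/login.php",
                   "http://www.facebook.com/",
                   "https://www.facebook.com@evil.example/",
                   "https://www.facebook.com.evil.example/",
                   "https://xn--facebok-xyz.example/"):
        print(sample, "->", login_url_verdict(sample))
```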
Phony Charity and Promotion Scams: Don't “Like” or “Share” pages from users you don't know
Facebook is no stranger to “e-mail viruses,” defined as messages which just beg to be shared (or forwarded) because they contain an urgent-sounding warning, a heart-wrenching plea, an offer of something for nothing, or a heart-warming story. It is imperative to check the validity of claims made by an item before you share it.
There is a whole class of scams which promise a valuable prize (or a chance at winning an even more valuable prize) just for Liking, Sharing, and/or Commenting on a free offer. The scammers come up with these faster than I can document all of them here, so just because one does not appear among the examples below does not make it legitimate. Remember, “if something seems too good to be true, it probably is,” and “A virus is that which tricks its victim into reproducing itself.”
Since Facebook sends you more stuff from users you like, unscrupulous hackers eager to get exposure will do anything to get you to “Like” or “Share” their content. Once they have baited you with cute animals, heart-wrenching tales, or offers of free stuff, they can then use their popularity to broadcast scams and malicious software (malware). Some falsely offer a reward if only you forward them. One common hoax contains a heart-wrenching photo of a deformed or maimed child and a claim that Facebook and CNN will contribute some amount for every Share or Like. These hoaxes are very common.
You see an advertisement offering coupons which look authentic and offer fantastic deals at well-known merchants. To get them you have to fill out a form asking for name, phone number, and bank account information—which a legitimate vendor would never request. Enter that information, and you become victim of identity theft and your bank account is emptied. Don't fall for it. This video tells more:
Example Scam: Coca Cola 24 Pack Giveaway Facebook
Allegedly the Coca Cola company is giving a free 24-pack to everyone who shares a post announcing that fact. In reality you are helping the scammers earn a commission, and you get nothing.
Example Scam: The “Free Airline Tickets” event
I got an invitation from a friend to join a Facebook “Event” whereby I could win free airline tickets simply by inviting 200 friends. The item claimed that Qantas airlines was giving away 17,000 free airline tickets! I didn't believe that claim, and checked with the real Qantas Airlines who confirmed it was a scam. What amazes me is how many people are so driven by greed as to carefully follow the instructions below without question.
Premium Account Trolling
Where you might expect to see a photo, you instead see a sign stating that the photo is only visible to Gold or Premium users. There may or may not be a link whereby you can send money to “upgrade” your account. If there is, do not send money. It is an old hoax.
Sometimes, on a friend's status timeline page, I read a heartbreaking plea or an urgent-sounding warning, which concludes with instructions to “copy and paste this post to your own status page—do not share, be sure to copy and paste.” So what do I do next?
Okay, I got suckered into copying and pasting a hoax. Now what?
You should delete it. Just posting a comment under it stating that it is phony will not effectively stop it from propagating, because many people may follow the copy-and-paste instructions without reading the comments.
Here is how to delete an item you have posted on your status timeline.
A friend posts an item claiming that “Facebook has a new algorithm”, and that to help them see more friends on their news feed, you need to comment on this post. Oh, and by the way, please copy and paste it to your own status timeline so as to spread the word. What do you do?
Here's what I do. First, I ask them for the technical details behind their post. I write something like this:
I have been trying without success to get some solid technical information about this supposedly “new algorithm”—beyond what is in a copy-and-paste chain letter. Can you help me with some specific references? Among my questions are, (1) on which exact date was this “new” algorithm put into service? (2) Specifically, what was changed from the “old” algorithm used before that date?
Usually my friend replies by admitting that they actually know nothing about Facebook's algorithms (which does not surprise me, because nobody outside the Facebook engineering team does), and that they have fallen victim to a copy-and-paste virus (see above).
Second, I give them the links to the articles below.
Even so, I am amazed at how many people who have spread this falsehood won't take it down (see “How to Delete a Post” above). Instead they try to retroactively justify their mistake with “well, it can't hurt though.” When I was a child, my mother told me that the harm in spreading a false rumor is simply that it is false, and that my friends would come to doubt anything I said.
Yes, I can see it, but please don't be so paranoid: Facebook does not limit anybody's “reach” (whatever that is). The truth is:
When a friend changed her Profile Picture, she noticed an announcement that she had changed her profile picture appeared on her Timeline. She quickly selected the announcement and invoked “hide from timeline” on it. Indeed, it was hidden from her timeline, but the same announcement also appeared in the Newsfeeds of her Friends who Follow her, and was not removed therefrom by her action of hiding it from her timeline.
Yet another Facebook virus is a forwarded message which claims that you should search for people following yourself by searching for “following me” and blocking the names which turn up. But really, this searching simply lists people who have the letters “me” in their names, not people who are following you. You end up blocking total strangers for no good reason. What a waste of time!
More about secret followers
For more reading
Copyright © 2010-2013 Richard C. Pasco. All rights reserved.