« Return To List

Are there risks to using Facebook?

These days there are more than 500 million active users on Facebook. The average user has 130 friends and people spend over 700 billion minutes per month using it. There are also over 900 million objects that people interact with (pages, groups, events and community pages)*. That is a lot of people and a lot of activity on one site. Looking at these numbers, Facebook is certainly the place to be for social interactions. However, it also makes Facebook a big target for hackers and scammers.

Facebook DangersFacebook has seen numerous hoaxes and malicious files over the years. Some of them have been harmless false information along the lines of "Facebook is going to start charging. Repost this if you are against paying for Facebook". Even though that in itself is harmless to the user's PC, many users went ahead and reposted these types of status messages.

A step up from that is a posting that appears to come from a friend that says they are stranded overseas and need money right away. These are from accounts that have been hacked and then used to try and fool people by appearing to be one of their friends. People falling for this type of posting would send money via a wire transfer or something similar and then be scammed out of that money.

To hack into the friend's account in the first place, they could have used a hoax application. Many people use various different apps on their Facebook accounts. They could be anything from games to surveys to geo-locators (apps that announce where you are) and a host of other applications. Most if not all of these apps request access to your account. That may be fine for legitimate apps, but allow the wrong kind of app to access your account and you could be giving full access to your account to the hacker. One of these apps we blogged about back in January used a photo album chat message to trick people into downloading a malicious file that appears like a photo viewing application.

Another more well known hoax app was the one claiming to add a "dislike" button. Posts that looked like they came from your friends looked like the following: "I just got the Dislike button, so now I can dislike all of your dumb posts lol!!" The link that followed the post prompted the user to install a fake Facebook application. If you gave permission for the application to access your profile, it then updated your status with the same post clicked on to get it. It then tried to get the user to install an add-on for the Firefox browser after completing a survey in order to get the Dislike button.

Other ways hackers can get to user accounts is by using fake ads that can trick people into infecting their PCs. But one of the easiest ways a hacker can get into a user account is when the user accesses their Facebook account from an unsecure wireless network, such as a WiFi Hotspot. By default, the Facebook page goes to http://www.facebook.com/. There are add-ons to browsers like Firefox that can see a user's username and password information when connected to the same unsecured wireless network. The way to prevent this from happening is to either make sure the wireless connection has an encryption key or if you must use an unsecured wireless connection, to use https://www.facebook.com ("https" instead of "http"). This will keep your log in information hidden.

While Facebook is now an important part in our society, one should be wary of Facebook posts and applications, even if they appear to come from friends.

*stats from Facebook press room on 4/14/2011

« Return To List

Newsletter Signup

Full Name:

Email Address: