It seems like a new scam that hits Facebook every few days. The “Find out who visits your profile” scam is not new. However, it is claiming a TON of victims, even the more more tech-savvy folks. So, what exactly is this virus trying to do and what is the best way we can protect ourselves.
Like many other Facebook scams, the first order is for the virus to gain access to your Facebook account. This is not by getting your login credentials, all you have to do is click a link posted on your wall or someone else’s wall. Of course, the scammers have made the link very appealing by offering something many people would just love to know, but Facebook won’t tell you: a comprehensive list of all the people viewing your profile. This is what an email might look like (notification about a link posted on your wall):
“LOL !! Me cant believe that you can see who is viewing your profile! I can see the TOP 10 people and I am really OPENMOUTHED that my EX is still checking my Pix and my Profile. You can also see WH0 CHECKS YOUR PR0FILE here)”
Above all, you must understand that this scam will not work if you just DON’T CLICK THE LINK! It really is that simple, don’t click and don’t opt-in. If you click the link, however, and you are also logged into your Facebook account when you do, then this virus immediately goes to town posting this same scam link and content on your friends’ walls. Once it starts, you can’t stop it. Then it is damage control time – the only way to repair the damage is to visit each of your friends’ walls one-by-one and remove the post, or contact them all with a warning and hope they haven’t already clicked that link too.
Now, there is an email component to this Facebook virus for those who have chosen to be notified via email when someone posts to their wall, we’ve seen a surge in submissions of this scam to a website called PhishTank, the anti-phishing site operated by OpenDNS (awesome DNS services btw, call us or email us to get your business setup with this DNS service and save yourself some headaches). Here is the funny thing though… OpenDNS says that this scam will not be confirmed as a phish (definition) because it is solely within Facebook. Nuts!
Obligatory cautionary message about social networks:
When using any social network, you and you alone are accountable for your own safety. The most important thing to remember is: if there is even a shred of doubt… don’t click that link!. Facebook offers this bit of (oft unheeded) advice:
“Always use caution when clicking on a link or opening an attachment, even if it’s been sent or posted by a friend or other reputable source. If you have any doubt, get confirmation directly from the sender. Be especially wary of messages that include attractive offers or urgent requests, and watch out for links that require you to immediately provide a login and password.”
Keep safe out there!
360-797-5784 or 907-748-2200