The dangers of social networking:

The Do's And Don'ts For Most Social Networking Sites:

Most social networking sites, like Facebook or MySpace, are safe to use. However, because of their popularity, criminals are using them to spread malware. There are various methods they're using - like sending spam messages, luring to download malicious file, etc... Sometimes it may appear that a message is posted by your friend, but in fact, it's malicious.

More to read on the links below:

- Myspace & Facebook - SpywareInfo Forum
- 7 Things to Stop Doing Now on Facebook
- The Dangers of Social Networking
- 11 tips for social networking safety


Comparison between a fake and original Facebook notification:

Facebook notifications - fake and original


What do you pay attention to?
- does the message look legitimate? Watch out if this is the first time you've received a notification with such a text!
- look at the header of the message (From:); is the address of the sender the same as on the earlier notifications? (Please note that it should be the same for all your notifications!)
- move the mouse over the link and look if the link really goes to Facebook - http://www.facebook.com (the address should appear at the left bottom part of your browser window).
- does it contain an urgent request to provide any information or change your password? Be suspicious of any messages like that!
- for more information see the Facebook's Help Center:
Security: Suspicious emails and notifications
Note: you can report fake email notifications here.

Some spam samples - fake social media e-mail notifications: Social Network Attacks Surge (Symantec blog).


Like-/Clickjacking spam:
Examples:

An old format:
Likejacking - example

Likejacking - example

Likejacking - example

A new format:
Likejacking - example

More to read here:
- Myspace & Facebook - SpywareInfo Forum
- "Likejacking" Takes Off on Facebook (ReadWriteWeb)
- Facebook Worm - "Likejacking" (SophosLabs blog) - instructions on how to remove the spam messages from your Profile at the bottom of the article.


A survey scam:
How to spot a Facebook Survey Scam (facecrooks.com)

So why do they go through all of this trouble? In a word Ė MONEY! What the scammers donít want you to know is that each time someone completes one of their silly surveys they get paid.

Some of the scams require you to provide your name, address, date of birth, cell phone number, etc. This information can be used by marketers, hackers and identity thieves to wreck havoc in your personal and financial life.
Source: facecrooks.com


An example of a fake message - clicking the link may result in falling into a survey scam:
A survey scam - example

How it works: [Scam Alert] My Top Profile Viewers


Accessing Facebook from unsafe networks or computers which cannot be trusted (eg. public computers):

See this video: Using Advanced Security Features (Facebook Security):

  • enable Secure Browsing (https): Account Settings page --> Account Security --> check "Browse Facebook on a secure connection (https) whenever possible" --> Save

  • enable login notifications: also available in the "Account Security" settings - "when a new computer or mobile device logs into this account, send me an email or a text message"

  • use one-time passwords: "Simply text "otp" to 32665 on your mobile phone (U.S. only), and you'll immediately receive a password that can be used only once and expires in 20 minutes. In order to access this feature, you'll need a mobile phone number in your account."
    (More Ways to Stay Secure Facebook)

For additional security, consider using Login Approvals: it is a Two Factor Authentication system that requires you to enter a code we send to your mobile phone via text message whenever you log into Facebook from a new or unrecognized computer.


Additional reading:
- Facebook Security (an official site)
- The Family Safety Center
- How To Help Your Friends with Security Issues (includes:
Malware, Hacked and Compromised Accounts, Money Transfer Scams, Clickjacking)
- Four Things you need to do if your Facebook account gets hacked
- A Guide to Facebook Security (PDF) - for young adults, parents and educators; protect your Facebook account, avoid the scammers, use advanced security settings, recover a hacked account, stop imposters

Published: 21 May 2010
Updated: 23 August 2011