Malware distribution in social networks appears to be turning into a steadily growing trend. This tutorial encompasses the description of the most common patterns of malware propagation on Facebook, and provides tips on how to eliminate the risk to enjoy social networking to the fullest.
Criminals are getting really good at tricking you into clicking links to fake Facebook apps like ones that promise to show you exactly who is viewing your profile, which will never happen by the way.
And then, what happens is you click that link, and depending on what kind of scam it is, you can get a computer virus or spyware, your passwords can get stolen, hackers can extort money from you, or you can turn into one of the annoying friends who annoyingly post spam on other people’s walls. Don’t be that person.
Usually people get Facebook malware because they fell for a spammy wall post message or group. I always know it’s spam when I get sent a weird link from someone who I never talked to. So if you are the least bit suspicious about a link, don’t click it. Hover over that post with your mouse and click the X, in that menu click ‘Report post or spam’, and Facebook will take it from there.
You can also do that if someone posts spam as their status. Sometimes it will look like a normal status that says something like: “Did you hear Facebook is finally getting a ‘Dislike’ button?”, and then there will be a little link at the end of it. Again, don’t click it, especially if it sounds too good to be true.
A lot of spammers will post shortened links using services like bitly.com, so that you cannot see the URL until you click it. So if you ever see a shortened URL, go to services like LongURL.org, paste it there and you will get a safe preview of the link. And then, if you find out that it is spam, hover over the post, click the X and mark it as spam.
Another way you can get into trouble is if you install a malicious app. Sometimes you don’t find out until it’s too late and the app has used your account to spam other people or add weird things to your profile. If you think you’ve installed a bad app, head to Facebook, click the arrow in the top right-hand corner and select ‘Account Settings’ from the drop-down menu. Then in the left menu choose ‘Apps’ and click ‘Edit’ next to apps you use. Now you are finally at the page where you can delete apps. Just click ‘Remove app’ next to any app you want to delete. And while you are here, delete apps you don’t use because they probably have permission to access your personal information.
Some apps require you to download software that can cover your account with ads, make your pages load slowly and compromise your security. This is called adware. To see a full list of known adware programs, visit www.facebook.com/help/adware.
Remember Facebook ads will never appear as banners in the center, top or left column on Facebook. If you are seeing ads in these locations or ads that flash or play sound automatically, you probably have adware.
If you have downloaded one of these programs, you can clean up your account by removing any suspicious plug-ins on your web browser. Here is how:
- To disable browser add-ons in Mozilla Firefox, click Tools=>Add-ons=>Extensions.
- If you use Safari, click Safari=>Preferences=>Extensions.
- With Google Chrome, click Window=>Extensions.
- Finally, if you use Internet Explorer, click Tools=>Manage Add-Ons=>Toolbars and Extensions.
Once you get to your extensions page, review the list of plug-ins and remove any that look suspicious.
Now, if adware is not a problem anymore but you still observe some other strange activity and you think you might have malware and your Facebook account has been hacked, there are a few other things you can do. First, change your password right away. You can do this by going to ‘Account Settings’, then under the ‘General’ menu item click ‘Edit’ next to ‘Password’. Make sure the new password you are entering is different than all your other passwords, because if a hacker steals your Facebook password and it works for your email account, he can use it to get into that too. Go to www.passwordmeter.com to see if the passwords you are choosing are strong enough. A good secure password will have upper-case and lower-case letters, at least one number and a special character like a question mark.
While you are in the ‘Account Settings’, choose ‘Security’ menu item on the left and click ‘Edit’ next to ‘Secure Browsing’. Enable ‘Browse Facebook on a secure connection (https) when possible’ option so that third parties cannot hijack your Facebook session. Also, in order get notified if someone logs into your account from a location that Facebook does not recognize, hit ‘Edit’ next to ‘Login Notifications’ and enable the corresponding options. This is recommended to do for you to know if someone is logging into your account without you knowing that.
Changing your password only fixes one type of hack. Other kinds will install malware like spyware or viruses on your computer. Whether or not you think you have malware, you need to make sure you have antivirus software. AVG or Avira are free and highly recommended.
Also, make sure you are updating your operating system. Microsoft and Apple release security updates that fix vulnerabilities in your software. For Windows, go to ‘Start’, then head to ‘Programs’ and ‘Windows Update’. On a Mac, go to the Apple menu and select ‘Software Update’.
Now that your software is up-to-date, you’ve removed bad apps and fixed your Facebook account and privacy settings, you are already a lot safer. Do everybody a favor and ask your friends to do the same thing.