How a Typical Facebook Scam Works?

H
Published in: Facebook - scam

If you have been on Facebook for a decent amount of time, you may have definitely come across videos posts on your news wall that have an enticing title and an innocent thumbnail but upon clicking, the link takes you a scam website.

How do such scams happen on Facebook and why do they go viral so quickly? If a trusted friend is sharing such links with your, does that mean her Facebook account is hacked or does she have a virus on her computer that is quietly posting these dangerous links on her behalf? Not really.

Matt Jones, who works with the Data & Security team at Facebook, has recorded an informative screencast video where he walks you through the various type of scams that happen on Facebook.com and why do they happen. Most scams require Facebook users to copy-paste some JavaScript code into the browser’s address bar and as soon as they do that, the rogue post is automatically published to the walls of all their Facebook friends.

Facebook Scams and XSS

Interestingly, according to Matt, Google Chrome and Safari are the only browsers that are susceptible to this kind of cross-site scripting (XSS) vulnerability while IE and Firefox are relatively safe. And since the malicious JavaScript code is often hidden inside Flash videos, Facebook isn’t able to detect it. Maybe the solution is that they allow video embeds from trusted websites.

Published in: Facebook - scam

Looking for something? Find here!

Meet the Author

Web Geek, Tech Columnist
A
Amit Agarwal

Amit Agarwal is a Google Developer Expert in GSuite and Google Apps Script. He holds an engineering degree in Computer Science (I.I.T.) and is the first professional blogger in India. Read more on Lifehacker and YourStory

Get in touch