Facebook accounts are preferred targets of hackers and scammers these days, and it’s easy to see why.
With roughly 3 billion users worldwide, the Facebook community at large offers hackers an enormous opportunity for scamming their way to ill-gotten gains and/or the twisted satisfaction that some receive from wreaking havoc on a massive scale.
It isn’t Facebook’s fault, really. After all, they provide all the technical tools we need in order to keep our accounts safe from hacking attacks.
But that being said, there are a few privacy and security settings that need to be tweaked a bit in order to make your account as safe as it can possibly be.
It’s easy to fall victim to miscreants on Facebook, but there are some things you can do to protect yourself. Most of them are just plain common sense…
First, secure your account on a technical level by enabling Two-Factor Authentication and choosing a strong password that’s easy to remember.
Next, never respond to a post on your Timeline, in your Newsfeed or in an instant message asking you to click a link to “verify your credentials” or “provide your login information”. Facebook will never make such a request in one of those ways.
While there are indeed a handful of situations in which you’ll be asked to verify your password after you’ve already been logged in, they will always be in response to an action that YOU have initiated.
Also remember that apps and games aren’t always your friends.
Facebook is home to thousands of useful and legitimate apps and games that people use day in and day out, but this expansive catalog makes it easy for hackers and general miscreants to trick users into enabling and using apps and games that are nothing more than fronts for scams.
Note: Some of the worst offenders are quizzes such as the ones from NameTests. That’s why I recommend that you avoid them like the plague!
If someone suggests that you try out an app you’ve never heard of, message them before you add it and ask them if they really use that app and if they really sent the suggestion. Just because it appears that something was sent to you from a friend doesn’t mean it really was.
Next, always be suspicious of emails that appear to have been sent to you from Facebook.
Never, ever click a link to Facebook that comes your way via an email that you weren’t expecting to receive. Instead, log in to Facebook in the usual way (by typing the URL into your browser manually or clicking a bookmark link), then look at your notifications to see if the event mentioned in the email really took place.
It’s always wise to remember that email is one of the most insecure methods there is for communicating online. And Facebook’s Instant Messaging service is right there with it!
Beware of clicking unfamiliar external links that show up in your news feed or on your Timeline, even if they appear to have been sent from a trusted friend. Once a hacker breaks into an account he/she can pose as that user, and it might be days or weeks before the fraudster is found out, if ever.
Be aware of what your friends are sending out. If you see a post from a “friend” that you feel is way out of character for them, chances are they didn’t really send it.
If possible, contact that person in some way that doesn’t involve Facebook (call them, send them a regular email, etc.) and ask if it was indeed sent by them.
If not, recommend that they change their password immediately and enable Two-Factor Authentication to secure their account from hackers.
Also, keep tabs on your own Timeline. The vast majority of items that show up there were probably posted by you or by one of your friends. If you see something on your Timeline that doesn’t look right, delete it and change your password.
And finally, be careful about accepting friend requests from people you don’t know.
While there are legitimate reasons for accepting friend requests from strangers on occasion (common interests, people from back home, etc.), those requests should always be given an extra amount of scrutiny before being accepted. Here are a few things to look out for:
1 – How old is the account? If it was created within the last week, I recommend ignoring the friend request unless it came from someone you know personally AND you know they recently opened an account.
If there’s any doubt you can verify the account’s legitimacy by sending the person a private message and asking them a question that you know they (and not a random hacker) should be able to answer.
If they cannot answer a question they obviously should know the answer to, it’s a pretty safe bet the account is fraudulent.
Oh, and be sure to ask a question that can’t be answered simply by looking at the info on another account that belongs to the person (even though it’s against Facebook’s Terms of Service, some people do have multiple accounts).
2 – What do the photos in the galleries look like? Do they appear to be photos that would be taken in the normal course of life or were they possibly “lifted” from some other place on the Internet such as a stock image site? Be especially wary if the photos tend to be revealing pics of a member of the opposite sex.
3 – What kind of posts are on the Timeline? Are they the normal types of posts you are used to seeing from your friends or are they spammy in nature?
If they appear spammy, odds are the entire Facebook profile is a scam.
4 – Did the friend request come from a person you’re already friends with? If so, the new friend request was likely sent from a cloned (i.e. fake) account.
While some Facebook users do open multiple accounts for various reasons, most do not.
There’s actually a scam making the rounds right now in which scammers are cloning real user accounts and using them to “friend” the real account’s existing friends and then using the fake accounts to scam those folks in some way.
This post has more info about that very dangerous scam.
I hope this helps you stay safe as you go about your business (or pleasure) on Facebook. Good luck and stay safe!