Just about every week, it seems, a new, breathless ALL CAPS virus or hacker ‘warning’ begins rocketing around Facebook. Generally, these messages are just so vague, misleading and inaccurate that they are virtually worthless as security warnings and should not be reposted.
A core recurring claim in many of these bogus warnings is that hackers can somehow magically hijack Facebook accounts and repost messages without the account holder having taken any action to allow this. The warnings generally claim that, if one of the ‘hacker’ messages appears on your timeline, the clever hacker can then spread it to all of your Facebook friends without you interacting with the message in any way. The suggestion is that, somehow, hackers can gain access to people’s accounts at will and post whatever they like, whenever they like.
However, these claims are simply nonsense. Hackers do not possess supernatural powers that allow them to take over Facebook accounts at will. Regardless of how clever a hacker might be, he cannot randomly access Facebook accounts whenever he likes. To allow such activities to take place, users must have first taken some overt action such as installing a rogue app, opening an attachment or website that harbours malware, or providing personal information via a phishing scam.
Of course, some rogue Facebook apps, if given the necessary permissions by a user during the installation process, may automatically post spam, scam or malware messages on the user’s profile. And, if the user inadvertently divulges Facebook login details via a phishing scam, then Internet criminals could subsequently access the compromised account and post any messages that they wanted to. But, to reiterate, the user must take some action – clicking a link, installing an app, divulging login information – before his or her account can be hijacked or misused.
To enhance your privacy and security and offer you a better user experience, Hoax-Slayer is now completely ad-free! Can you help us stay online?
Whenever I discuss one of these bogus warnings, a number of people dispute my findings. Typically, they claim that I am wrong to state that the messages cannot spread in the ways described in the ‘warnings’ because it happened to them or their friends and they ‘never clicked anything’. This article is likely to invoke more such comments.
But here’s the thing, folks. Perhaps you did not associate the link you clicked or the app you installed with the subsequent nefarious Facebook activities. But, one way or another, you DID take some overt action that allowed the scam or spam messages to be sent to your friends in your name.
If you receive one of the messages or it appears on your Facebook News Feed, then one of your friends has inadvertently allowed this action to take place. Just because they may deny this, it does not mean that it isn’t so. They may well have taken said action without realizing the consequences.
Since you’ve read this far……can I ask you for a big favour?
To enhance your privacy and security and offer you a better user experience, Hoax-Slayer is now completely ad-free. To keep the site online, I rely on voluntary contributions from site visitors.
If you found the above report useful, please consider supporting Hoax-Slayer by making a donation. Any amount you can give will be greatly appreciated.
You can donate using your credit card via the form below. Donations are collected securely via the online payment service Stripe. Stripe uses state of the art security to keep your data safe.