Beware Facebook dislike button scam

Facebook headquartersPaul Sakuma/AP/Press Association Images

A fake 'dislike' button has been catching out Facebook users. The experts warn that if you fall for this scam, it will run code on your computer, and could leave you vulnerable to criminals.

So what do you need to watch for, and what are the most worrying Facebook scams?

The scam

The scam appears as a link on your wall saying 'Facebook now has a dislike button! Click 'Enable Dislike Button' to turn on the new feature.' If you click on the link it will immediately post itself to your profile - thereby spreading it to your friends. In addition it will run what the experts call 'obfuscated Java' on your computer.

It essentially means you are giving criminals permission to access your profile, post spam and get you to complete online surveys to give them yet more information about you.

Security experts. Sophos, say: "As we've explained before, there is no official dislike button provided by Facebook and there isn't ever likely to be. But it remains something that many Facebook users would like, and so scammers have often used the offer of a "Dislike button" as bait for the unwary."

Protect yourself

This scam has run before, most memorably in August 2010. In both instances, the scammers use a genuine piece of software as bait. It was developed by Thomas Moquet, and is available through Firefox add ons. The scammers are merely using it to get users to download their rogue app.

If you have downloaded something you are worried about, it's worth deleting it from your account as soon as possible, revoking the right to access your data, and reporting it to Facebook.

It's also worth keeping your virus software up to date, so it can keep an eye on whether anything malicious has been downloaded from Facebook - or indeed anywhere else.

Top three scams

This is one of the top three Facebook scams of 2012 so far. The others include:

Facebook Cashback scam

This was the big news of last week, where scammers were faking a cashback offer. They told users they could link their debit card to their Facebook account and earn 20% cashback whenever they spent any money.

They use this as bait to get users to accept their application - which immediately posts to their friends. They then take your debit card details for their own criminal purposes.

See who has been viewing your profile

These scams have come in a number of forms, but what they have in common is they offer a link to an app that supposedly lets you see who has been accessing your profile. If you click on it and let it access your account it messages your friends with the same scam.

It then has access to your account, and the ability to download malicious code onto your computer. The experts highlight that there is no way of telling who has been viewing your profile - so these sorts of apps are always a scam.

The top 10 scams of 2011
See Gallery
Beware Facebook dislike button scam

Land banking involves plots of land offered for sale, often online, with the promise of sizable returns when planning permission is approved for housing or other development. Yet often the land is located in areas protected from development by planning law.

The companies involved soon disappear with investors' money and as the firms are not protected by the Financial Services Authority, their funds are not covered by the Financial Services Compensation Scheme

It is reasonable to assume that if you take out a mobile phone contract at £30 a month for 24 months that's exactly what you'll pay unless you exceed the tariff. Yet mobile phone providers have come under fire for a snag buried in the small print – a clause to allow mid-contract price rises.

Prices are rising by a median of 81p a month and 70% of consumers are completely unaware off this sneaky move, according to Tesco Mobile, so be sure to check any new contracts before you sign the dotted line.

Fraudsters recruit unknowing accomplices through email under the guise of offering employment, seeking a personal favour, or through internet shopping sites. The recruits are persuaded into receiving what are essentially fraudulent payments and then passing funds on.

The 'mules' are frequently offered a small financial incentive to encourage involvement and face difficulties in proving their innocence when the fraud is discovered.

The scams claim to offer people the chance to profit from carbon credits. Under regulations that permit businesses to emit a tonne of CO2 – the companies claim to offer investment in green projects like a forestry scheme or a solar panel project, which generates carbon credits that are then sold on to heavy industry.

A flashy brochure or website tells of a reliable 'government-backed' scheme which provides reliable returns for investors. Such a scheme doesn't exist however – a reality investors only discovered when they have parted with their cash and the company is untraceable. As with land banking, fraudulent companies are not covered by the FSA so victims have no course for recompense

Receiving an email from the taxman saying you are owed a payment may seem like a nice surprise, but it is actually from fraudsters trying to relieve you of your cash instead.

The emails provide a "click-through link" to a cloned replica of the HMRC website. The recipient is then asked to provide their credit or debit card details - all the information the criminals need to clear your account, and sell on your personal details.

Insurer Direct Line reported a hike in the number of 'crash for cash' scams last year – where fraudsters fake accidents by making unnecessary emergency stops at busy roundabouts or slip roads, forcing motorists to crash into them.

They then make bogus claims to the innocent motorist's insurer, often including fictitious injuries and passengers.

Learner drivers have been taken for ride by being unknowingly taught by trainee instructors. An investigation by the AA found up to 27,000 extra driving tests have been failed in the last year because one in 10 learner drivers are unwittingly taught by an instructor they do not know is learning on the job.

July saw the arrest of a Leicester postman who stole £46,686 worth of mail over two-and-a-half years. Yogeshbhai Patel, 38, was jailed for two years for stealing mail including 2,000 DVDs and 2,250 games along with CDs and other electrical equipment. He intercepting the valuable packages and spent the money on living a luxury lifestyle including helicopter rides and a trip to Las Vegas.

The Trading Standards Institute reported over 200 cases where elderly homeowners have been targeted by telephone cold callers, purporting to be from their energy supplier and offering energy saving devices which could cut their bills by 40%.

The TSI tested the devices in homes where owners had fallen for the scam, only to find they both failed to satisfy electrical safety standards or deliver any tangible energy savings.

Thermal cameras that track ATM pin numbers are the latest weapon in their arsenal and US scientists have warned it is the next threat for this form of crime. Researchers at the University of California at San Diego found that up to 45 seconds after a person types their pin code into an ATM machine or door entry pad the numbers and even the sequence are still readable by thermal cameras.


More stories
Read Full Story