every now and then, you might have seen a post inviting you to click on a link and execute some crazy and weird instructions saying you'd be able to view who viewed your profile.
but know this, facebook has said it that they would not implement that -- letting you know who viewed your profile.
here's what facebook has to say: "no, facebook does not provide the ability to track who is viewing your profile, or parts of your profile, such as your photos. applications by outside developers cannot provide this functionality, either. applications that claim to give you this ability will be removed from facebook for violating policy. you can report applications that provide untrustworthy experiences by clicking the "report application" at the bottom of the application’s about page, or by clicking "report" at the bottom of any canvas page within the application." (http://www.facebook.com/help/?page=840)
so some people devised something. they created some form of deception that claims to make you view who viewed your profile. turns out that this actually doesn't do what it claims to do. for how can it do such when only facebook has such data and they refuse to do the same?
after some research, here's what happens. they give you a site to visit which asks you to copy some weird javascript and asks you to paste it in the address bar of your browser. so what does it do? it only copies some data inside your computer (which facebook uses so it could validate who you are) and sends these data to their servers (not facebook's).
so what happens now? well, with that data, they can "clone" that validation code and pretend that they are you. so they now have access to your account.
"so what?" you say? well, if they have access to your account, they can do crazy stuff: they can post as you, add and delete your friends, and even change your password so you can't get in in your own account.
they can even start an argument with your best friend in such a way that your bestfriend could become your worst enemy. they could even spread the site they made by posting a link on your wall so your friends would think that you actually posted it. well, they actually use this method in order to spread the site.
why do they do this? some people pay facebook for a couple of reasons by using credit cards. and stealing information from computers is actually an easy way to get ahold of credit card information, which means, they could buy something online using credit cards they don't actually own.
another reason why people do this is to harvest email addresses. these email addresses may then be sold to spammers. so it ends up that these guys earned some money and you get spam in return.
so what do you do? disable the rogue application (if you have gone through a window asking you to give approval of an app to have access to your information) and change your password.
how do you disable the rogue application?
click on account.
click on privacy settings.
under apps and websites, click on edit your settings.
at the right of "apps you use", click on edit settings.
you now see all the apps you have given access to your account. check all the apps and weed out those you can't trust by clicking the x button (to the right of edit settings) and delete that app.
and lastly, did i say change your password?
help your friends from being a victim of this scam. share this note.
