Facebook apps come in dozens of varieties with hundreds of examples in each category. There are quizzes, games, tools and other apps that let you rank everything from your favorite albums to the celebrities you'd like to meet. Each of these apps requires you to install a few lines of code to your Facebook profile. From your point of view, all you have to do is click a button on a page, indicate that you accept the user agreement and install the app.
That was a problem with some early Facebook applications. In order to function, most applications need to access some of your information. Early apps would often access far more information than they required. That meant the developers of those apps could access a great deal of personal information about users. Facebook tried to put a stop to this and demanded that developers only request access to information that was necessary for the app to work the way it should.
There are several indicators that can usually clue you in to a scam. Two major red flags that something underhanded is going on are a request for a password or credit card information. Scammers collect passwords or credit card numbers and use that information to take advantage of the victims. These requests might seem perfectly innocent in the context of the app but they should set off alarm bells in your mind. Again, do a little legwork and research the app before you take the plunge.
If an app tries to take you to a new page, pay attention to that page's domain name. Some scammers are clever enough to create a mockup of a real Facebook page with a request for your password. If the domain name seems fishy, you shouldn't insert your password. Pop-up messages that advise you to download or install an additional application after you've already started the process are another potential sign of malware. Installing these programs may infect your computer with a virus.
Sometimes one of your friends will fall victim to a scam and you'll receive messages that appear to be from him or her. These messages usually ask you to visit a link included in the note. You should send a message to your friend to confirm that it's a legitimate link. It's possible your friend's profile has been compromised and the message was sent to you automatically. If the wording of the message seems odd or unlike your friend's normal style, that's another indicator that something questionable is going on.
There's a special name for the way scammers manipulate victims like this: social engineering. While it's true that malicious hackers known as crackers sometimes pierce a system's security by using various software tricks and hacks, it's also common for people to willingly give up information. The scammer just has to make the victim want to share. There are a couple of common ways scammers trick people into sharing:
They appeal to the victim's vanity with a message that suggests the victim can be seen in a compromising or funny way at a certain Web site. The link to the Web site actually leads the victim to downloading malware.
They make promises of get-rich-quick schemes.
They tempt the victim into sharing a credit card number, then commit credit-card fraud.
Next, we'll look at what you should do if you're victim of a scam.