Facebook is sometimes used by criminals to spread viruses, steal people’s information, hijack their processing power, or sell fraudulent products. Facebook is a legitimate website and one of the world’s biggest social networks, miles ahead of its competition. Unfortunately, criminals, scammers, and fraudsters are attracted to big markets and over the years they have come up with many diverse strategies to abuse, cheat, and steal from users of Facebook. And while the website is always trying to protect its users, people still fall victim to the scams.
Facebook Virus quicklinks
- What is a Facebook virus?
- Malware in Facebook messages
- Examples of Facebook viruses
- “Dear Facebook user, congratulations!” scams
- Fake gift vouchers
- Facebook Profile Peekers
- Fake new message ads
- Hijacked Facebook preview links
- Facebook Antivirus
- Crypto miners
- FacexWorm extension
- video_xxxx.zip miner
- Information stealers
- GhostTeam malware
- Facebook.com phishing link
- Malware abusing Facebook’s API
- Facebook-hijacking Trojan
- How to get rid of a Facebook virus
- Automatic Malware removal tools
Although Facebook has had many issues with privacy, such as not properly securing people’s passwords, or trying to access people’s medical data, this post focuses on malicious activity from outside of Facebook. Although Facebook is responsible for keeping the data of its users protected, that’s not always possible. Online criminals come up with creative and dangerous schemes that even experienced users fall for. Let’s talk about the most common threats, their dangers, and how to avoid them.
What is a Facebook virus?
Many various digital threats can be considered as Facebook viruses. A few examples include:
- Scams working on the Facebook platform.
- Scams targeting Facebook users.
- Malicious files and links distributed through Facebook messages.
- Malicious sites imitating Facebook.com.
- Viruses that hijack Facebook accounts.
- Software that accesses your data on Facebook without your permission.
Malware in Facebook messages
A traditional virus can use the Facebook platform to reach many people and spread from friend to friend. Here is how a typical process looks like:
- You receive a message on Facebook from your friend. The message is out-of-character for your them, impersonal, vague. The message is encouraging you to open a link or download a file.
- You open the link, you’re prompted to install a program or download a file. You download the file and open it.
- A virus is installed on your computer or your browser. Its symptoms could vary, including these:
- Your computer is being strained.
- You start seeing excessive ads.
- Your browser settings, such as the homepage, are changed.
- Your data is recorded.
- Your files become unusable.
- Your friends are sent the same message that was sent to you.
Examples of Facebook viruses
Various fake giveaways, hoaxes, fake lotteries, fake antivirus scans online are used to manipulate people into visiting promoted websites and giving away their information. Facebook doesn’t do giveaways, but many people still fall for the fake messages pop-ups that promise unrealistic rewards. As a result, they have to put up with endless and possibly dangerous ads, unknowingly expose their information to third parties, and accidentally visit malicious websites.
Symptoms of facebook scams include:
- Being spammed with Facebook pop-ups offering prizes.
- Receiving unwanted messages.
- Being asked to transfer money to a friend.
- Being directed to unexpected and unwanted websites.
- Seeing alarmist warnings that demand some immediate action of you.
“Dear Facebook user, congratulations!” scams
A message impersonating Facebook is shown, encouraging people to follow instructions by promising prizes, for example, the newest iPhone. The scam results in victims being spammed with advertisements and information-stealing malware.
Fake gift vouchers
Fake gift vouchers are promoted on Facebook to drive people to certain websites and to gain access to people’s Facebook accounts.
Facebook Profile Peekers
A scam called “Profile Peekers” was tricking people to grant a third party access to their account. If you get a “Profile Peekers” link and follow its instructions, your Facebook account is spammed with unwanted online surveys.
Fake new message ads
Some websites display ads that are designed to look like Facebook notifications – either new messages or new friend requests. Sometimes, these ads lead to login sites that look like they belong to Facebook, even though they’re completely unrelated. This phishing scheme is often used to steal user information and use it to sign people up for paid services. The below screenshot, for example, leads payments via SMS for a worthless application.
Hijacked Facebook preview links
A security flaw in Facebook’s mechanism for styling links into preview boxes was exploited to make any link appear as if it leads to another website. This means that a link that looks like it’s from a reputable site could lead to an unknown one, possibly a malicious link. In the worst case, a Facebook link disguised as something innocent could actually directly download a virus.
A fake antivirus program was being promoted on Facebook. If you install it, it spreads to your friends and invents nonexistent problems with your account security. While online-only, Facebook Antivirus also tries to get you to download and install some desktop malware. To spread to your friends, Facebook Antivirus tags your photos and hijacks the notifications which are then sent to your friends.
Cryptocurrencies have been rising in popularity and value for years now, and in the gold rush, some people are willing to hijack others’ hardware resources to mine their own coins. Facebook is used to distribute malicious links and files that infect computers with unwanted miners. An infected computer’s CPU will start slaving for criminals.
Symptoms of Facebook miner viruses include:
- Your computer is working unusually hard for no apparent reason.
- The targets of your cryptocurrency transfers aren’t receiving their money.
- Unfamiliar websites are being opened independently of you.
It was reported in April of 2018 that Facebook accounts were being used to distribute a virus called FacexWorm. A message that comes from your friend’s account leads you to a spoof YouTube page that’s telling people to install a mysterious extension that happens to be FacexWorm. This extension sends the fake YouTube link to your friends, spreading the virus wider. It also steals your processing power, your Google credentials, steals your cryptocurrency, and directs you to scam sites.
In December of 2017, it emerged that a malicious zip archive was being distributed via Facebook Messenger. Downloading the video_xxxx.zip file delivers a crypto-miner that immediately starts exploiting your CPU for the criminals’ gain. Meanwhile, the malicious message is forwarded to your friends, spreading the virus.
If you see that your Facebook account is posting and commenting without your interference, maybe promoting some website or product that you have never heard of, that’s a good sign that it has been hacked. If you can’t log in to your Facebook account anymore, that must mean that someone else has changed your credentials. Your login credentials can be stolen using phishing, or spyware.
Phishing sites are designed to closely resemble Facebook’s real login site. The goal is to get you to type in your username and password and record it. Phishing is used to find people’s usernames and passwords to later hack their accounts. But even if your login data isn’t exposed, information that’s visible by looking at your Facebook profile could be used by scammers to gain your trust.
Password stealers like banking trojans are quite dangerous – their main purpose is to hijack your bank account and steal your money, but trojans have gained many more functions, such as downloading other malware and stealing Facebook passwords. There’s a report by Europol if you want to know more.
Symptoms of this type of viruses include:
- Your account is posting and messaging independently from you.
- You’re unable to log in to your account or recover your password.
- Apps and links are opening the Facebook login page even though you’re already logged in.
Security researchers have counted dozens of malicious Android apps that would show ads and steal Facebook credentials. Unwanted promotional content is the main symptom of these apps, but Facebook info stealing is more dangerous.
Facebook.com phishing link
In June of 2017, a new phishing site was described. With a URL that included “facebook.com”, it could easily fool people into trying to use this fake login site to connect to Facebook. As a result, those people’s usernames and passwords would be exposed to whoever created the site.
Malware abusing Facebook’s API
Sometimes a website or an app asks to access a few bits of information about you from Facebook to be able to personalize the service for you. Thousands of known malicious apps abuse Facebook’s API to harvest data beyond what you allowed them to know. These malicious apps and extensions usually want your information for advertising purposes.
The Terdot banking Trojan can hijack and track your actions on multiple social network accounts, including Facebook, as well as find your passwords. It’s distributed using infected files, so it requires you to download and run a file to get infected.
How to get rid of a Facebook virus
There are as many Facebook viruses as ways to deal with them. An antivirus program can remove trojans, miners, and spyware that are on your computer, but it won’t help you get back a hacked account – for that, you might need to contact Facebook. If intrusive applications have access to too much of your data, you can contact them and ask to have your data removed, as well as manage your Facebook privacy settings to hide your personal information.
|A virus infecting your device or browser||Scan and remove with an antivirus program|
|Hacked and inaccessible Facebook account||Contact Facebook support|
|An unwanted Facebook app has access to your account||Remove the app and contact them to remove your data|
|Your login credentials were exposed||Change your password and set up 2-factor verification|
There are a few things you can do to protect your computer, account, data, and your Facebook friends from being exploited by scammers and cybercriminals.
Be suspicious of links that come in messages, especially the ones that don’t address you specifically and that look out-of-character for your friend to send. A lot of malicious links on social networks are sent with generic spam messages that don’t address you by name. Likewise, be suspicious of unknown people wanting to be friends or inviting you to groups.
Manage your privacy settings and do not grant access to your Facebook account to any suspicious parties. Don’t install apps and extensions that you don’t know you can trust. There are thousands of malicious applications, even on official stores.
Keep your password complex, unique, and use two-factor authentication so that, even if your password is stolen, you can avoid losing your account. If you suspect that your password was leaked, change it immediately.
Update your browser and your operating system to the latest stable version. Plenty of security issues are fixed in updates, and criminals abuse them once they find out about them. Even if the issue’s been patched, there are going to be plenty of people who fail to update their software – criminals know this and take advantage of it.
Use a reputable antivirus program to catch suspicious and malicious software: I can suggest Spyhunter, or whatever professional and strong antivirus application you trust. Update your antivirus as soon as it needs you to and don’t ignore its warnings. Use it to scan files that you downloaded. Change your operating system’s settings to display the extensions of your files so that no executable can disguise itself.
Automatic Malware removal tools