We often hear many complaints from social media users that run along the lines of “Facebook gave me a virus” or “I got malware from Facebook”.
It’s a constant source of confusion for many. Can Facebook really give you a virus, or any other type of malware?
The TL:DR answer is this – Facebook almost certainly didn’t give you a virus, or any other type of malware.
For Facebook to have directly infected your computer, Facebook itself would have to have it’s own security compromised. Facebook have a large team of security professionals dedicated to not letting this happen.
I’m sure I got a virus from Facebook… are you sure?
So why do people get confused? Why do we hear people adamant that they got malware “from Facebook”.
It’s down to users not understanding enough about online security, and when they detect suspicious activity on either their computer or Facebook account, the simple explanation is to perhaps vaguely attribute the activity to a “virus from Facebook”, even though that it unlikely the case.
The more likely explanation to people believing Facebook gave them malware can be either –
1. The user installed a rogue Facebook application, which is spamming their newsfeed with links. However rogue Facebook apps are NOT malware. They’re installed on your Facebook account, not your computer.
2. Facebook (or a Facebook app) was used to lure a victim to a third party malicious website, and it was that third party website that tricked the victim into downloading the malware. As such, Facebook never gave the victim malware. The malware didn’t come from Facebook, and Facebook didn’t give anyone a virus.
Within the boundaries of Facebook, you are generally quite safe from malware. This means you can surf your timeline, the timelines of others, newsfeeds, pages, groups, events and any other page on Facebook without too much worry about malware.
What about those “hacker friend requests”?
An equally spurious myth is that you can get malware (or hacked) just by accepting a friend request on Facebook. This is also incorrect. While you should certainly not be accepting unknown or suspicious friend requests (we discuss the dangers here) just accepting the friend request shouldn’t be enough to get you into any real trouble (not unless you’re sharing way too much information with your Facebook “friends”.)
Those dangerous friend requests are usually only the beginning of a scam, not the scam itself. For example, as we mentioned above, scammers may be posing as a friend to try and lure you off Facebook onto websites that may try and install malware. There are also many other worries and concerns when it comes to accepting strangers on Facebook, but they can’t just magically give you malware or “hack” your computer because you accepted them as a friend.
Well my account is posting spammy links from my account, so I guess I do have a virus…
So to debunk yet another myth, if your account is posting spammy stuff from your account, it doesn’t mean you have a virus or any other kind of malware. Usually, if your account is posting links like this, it means you installed a spammy Facebook app and gave it permission to post as you from your account.
Facebook apps are not viruses. They’re not malware. They don’t have access to your computer like malware does.
If this is the case, you need to uninstall the app soon, by going to your settings and clicking Apps. You can learn more about what to do when your account starts posting spam in our blog post here.
Okay, but can Facebook apps give me a virus?
While Facebook apps are not malware, once again they represent another way scammers can use to try and lure you away from Facebook – and as we have already said – once you’re been lured away from the Facebook domain, malware infections are a possibility, so be careful on websites outside of Facebook.
Skip to the summary…
No, you are not realistically likely to get a virus or any other kind of malware from Facebook directly. You can surf Facebook safely.
However be aware that scammers use any number of methods – like friend requests, Facebook apps, spammy links and various social engineering tricks to try and lure you away from Facebook, and as soon as you leave Facebook’s boundaries, malware is always a possibility, especially on websites you don’t trust.
This article was originally published in 2012 but reworked in Sept 2016