4 Reasons spammy Facebook apps are dangerous

ByCraig Haley

Apps on Facebook can potentially be very dangerous for those who do not know what to look out for, and rogue apps circulate the site daily. Here are 4 reasons why you should be careful when choosing what apps to install on your Facebook account.

It has long been argued that the biggest chink in Facebook’s armour in terms of security is through their Facebook App platform, with spammy, dangerous and malicious apps circulating the social networking site on a daily basis.

A large part of this is down to the fact that Facebook apps are mostly developed by third party developers, and undergo a relatively basic vetting procedure. This means both criminals and spammers can develop apps designed to cause harm, and get them to run in the Facebook environment.

Now to be clear, despite much misinformation about spammy or rogue Facebook apps, they are not viruses or any other type of malware. They do not have direct access to your computer and cannot corrupt or modify the files stored on your computer, which cannot be said about malware.

This doesn’t mean Facebook apps cannot be malicious though. As we explain with the following points.

Rogue apps can lead to malware

As we previously asserted, rogue Facebook apps are not malware, because they reside on your Facebook account, not your computer, and thus they cannot directly interfere with the goings-on inside whatever device you use Facebook on.

But that doesn’t mean they cannot lead to a malware infection. Facebook Apps can direct users who install them to external webpages outside of Facebook. And it is these webpages that can trick users into installing malware.

For example a user installs a Facebook app on their account. Once installed, the Facebook app directs users to a spammy webpage that implores the user to install a “plugin” to watch a video.

Only the plugin isn’t actually a plugin. It’s malware. The victim agrees to let the plugin install, and voila – malware infection. This is a pretty typical example of how a Facebook App can lead to malware when combined with the tried-and-tested fake plugin modus operandi. Of course the social engineering aspect of these scams can differ depending on what version of the scam you come across.

We have a YouTube video here on our YouTube channel that shows exactly how a rogue Facebook app/fake plugin combo works.

Such apps can also lead to phishing scams that compromise your Facebook account by directing users to a spoof Facebook login page that steals the login information entered into it.

Rogue apps can lead to identity theft and spam

It they don’t lead to a malware infection or a phishing scam, there is a good chance they will lead to some type of intrusive survey scam. Survey scams are used in conjunction with social engineering techniques whereby victims are promised something in return for jumping through several hoops, one of which is completing surveys.

facebook-app-survey
A request to do a spammy survey.

More often than not, whatever was promised by a scam doesn’t exist, but the victim only discovers this once it is too late and they have completed the survey or questionnaire.

Such surveys are often intrusive, and harvest a user’s personal information, including their contact information. This can lead to spam, or worse, identity theft.

An example could include a Facebook App that promises to provide a gift voucher, once installed it directs to a spammy page asking the user to complete “affiliated offers” that involve parting with a lot if your personal information. Once this is completed the victim finds themselves on spammy websites asking for more and more details, with no end in sight, and any hope of getting said voucher quickly fading.


Sponsored Content. Continued below...




Rogue apps have access to YOUR personal information

When given the appropriate permissions, rogue Facebook apps can access the information you upload to Facebook. This includes basic information like your name, likes, networks, friends and gender. It can also request to use your photos and videos, as well as other information about you.

Needless to say, giving a third party app whose developer you neither know nor trust isn’t such a great idea.

To Facebook’s credit, in the last 4/5 years they have greatly reduced the power that Facebook apps have in terms of how they treat information, banning developers that were caught selling personal information they gleaned from users accounts as well as shutting down the ability for Facebook Apps to collect any information from the Facebook friends of those who installed them. But handing over your information to shady characters on the Internet is still never a good idea.

fb-app-blackhead
A post made by a Facebook App that lures users to spammy webpages.

Rogue apps put your friends at risk

Even if you’re less concerned with your own online wellbeing that you should be, it doesn’t mean you get to put your friends at risk through your own recklessness.

Spammy Facebook apps have that annoying habit of being, well, spammy. And a big part of being spam means self-propagation. Developers aren’t content by duping you, they want to dupe your friends as well, which is why such a prevalent symptom of installing a rogue Facebook app is its ability to post spammy or even malicious links from your account, whether these appear to come from your timeline, posting them onto friends timelines, or even through Facebook Chat.

We have an article here on what to do if your Facebook account starts posting spam, and the possible reasons why, which include installing rogue apps.

A few other things spammy Facebook apps can do…

– Direct you to bogus retail websites selling counterfeit or fake goods.
– Direct you to clickjacking websites or pages laden with sponsored ads that make money for the scammer.
– Direct you to websites that attempt to install malicious browser extensions, much in the same way they can lure you to malware laden websites.

Whilst many Facebook Apps are harmless and just fun, many are not, and it is important to know early on if you’re being tricked. Always be wary of Facebook Apps that direct you away from the Facebook website and be aware that many developers out there have nefarious intentions.

Never part with your personal information, never agree to download anything the App directs you to, never part with your personal information and if you think something is suspicious, leave the page and uninstall the app from your settings section, always agreeing to the option to remove any posts or content that the app may have left in its wake to help prevent your friends stumbling upon the same spammy app.

Keep up-to-date with all the latest cybersecurity threats and our tips to stay safe online. Follow us on Facebook, Instagram and Twitter.

Continued below...


Thanks for reading! But before you go… as part of our latest series of articles on how to earn a little extra cash using the Internet (without getting scammed) we have been looking into how you can earn gift vouchers (like Amazon vouchers) using reward-per-action websites such as SwagBucks. If you are interested we even have our own sign-up code to get you started. Want to learn more? We discuss it here. (Or you can just sign-up here and use code Nonsense70SB when registering.)

Become a Facebook Supporter. For 0.99p (~$1.30) a month you can become a Facebook fan, meaning you get an optional Supporter Badge when you comment on our Facebook posts, as well as discounts on our merchandise. You can subscribe here (cancel anytime.)