A new scam going around Facebook recently begins with a message to page owners about a new “Fan Page Verification Program.” From there, users are prompted to share their Facebook email and password, which is part of a phishing scam.
Similar to another scam that targeted page admins in the past, the message purports to be from Facebook Security and is designed to trick users into sharing their Facebook login information. This latest scam, detailed by Hoax-Slayer, tells page owners that they qualify for a new security feature and must choose a 10-digit security code by May 30, otherwise their page could be suspended. The message includes a link to a site with form fields for their page URL, email address, password and a “transferring code” of their choice.
Page owners should beware of phishing attempts like these, remembering to never enter their Facebook password anywhere outside of Facebook.com and being careful about sharing any information in third-party apps and page tabs.
Facebook today released a new version its iOS app to include a way for users to change their cover photo and a number of updates related to group messaging. A subtle but significant change not mentioned in the app’s release notes is that the option to hide a post or ad and mark it as spam is now a different color, making it much harder to see.
The images below show what the button looks like on organic posts and suggested posts. Users can still hide a story by clicking the V shape in the top corner, but they might not be able to see the option from their mobile feed. The icon is practically invisible on ads, which could reduce the amount of negative feedback they receive. This could lead Facebook to believe that users are more pleased with their feed than they actually are.
Some Facebook users have fallen victim to a new phishing scam, which takes over a user’s Facebook account, Liking pages and posting links on their behalf, according to PC World.
The scam reportedly begins with an email that prompts users to download a new “business” version of Adobe Flash Player. Users who click on the spam link are taken to the Chrome Web Store to download a browser extension. After users download the extension, the malware will check to see if a user is logged into Facebook, and if so, it will use a script to control the account.
Facebook today released an update for its main iOS application, which includes voice messaging and video recording, as well as a more efficient way to hide ads and mark posts as spam directly from News Feed.
Voice messages are a new feature of Facebook’s standalone Messenger app that has been brought to the main app now, as it did on Android little over a week ago. This allows users to send asynchronous voice messages up to 60-seconds long. The free voice calling feature, which is still limited to only certain regions, has not been added to the main app. It is only available via Messenger for iOS.
A new scam targeting Facebook page owners uses Facebook messages and a fake verification page to obtain user logins and passwords.
The phishing scam begins with a Facebook message from a “Security Team” profile that uses Facebook’s security logo. The message tells admins that their page is in violation of terms of service and threatens to permanently suspend the user’s account. Then it offers users the option to “verify” their account if they believe the situation is a mistake. Users are taken to a link where they are asked to provide their page name, email address or phone number, and password.
A few signs would help page owners recognize this message as phishing. First, the social network’s official page about security is called “Facebook Security” not “Security Team.” Clicking the profile which sent the message would reveal that the page was not legitimate.
More tellingly, the message links to the following web address: apps.facebook.com/PageSecurityTeam. URLs that begin with “apps.facebook” are third-party applications. Facebook would likely use a URL that begins with “facebook.com.” Users should be careful entering their information into fields within page tabs, apps.facebook.com canvas pages, and off-Facebook.com websites.
This scam was first reported by Facecrooks, which points out scams like these and offers recommendations for how users can protect their information.
Images via Facecrooks
Facebook today announced a small test that will allow some users to pay to send direct messages to another user’s inbox rather than their “other” folder. The social network is also releasing new filtering options for users to help users indicate who they want to see messages from.
Facebook has a two-folder messages system. Communications from friends and other close connections appear in the inbox, whereas messages from users who don’t have mutual friends or messages that originated as an email to a user’s @facebook.com account are likely to be sent to the “other” folder. For the most part, this reduces spam, but it also hides some messages that users would want to see.
Now in a limited test among a portion of U.S. users, a sender whose message would have appeared in the recipient’s “other” folder will be prompted with the option to pay $1 to have the message routed to the inbox instead. If the sender chooses not to pay, the message will still be sent but not to the main inbox. Messages sent to the “other” folder do not generate any notifications for the recipient, so they are not always viewed right away. This test is only for user-to-user communications. Companies cannot pay to send messages to consumers. There is also a limit so that users can only see one of these types of messages in their inbox per week, although the message will not be designated as paid in any way.
Facebook works with FBI to take down cyber-criminals – Facebook helped the Federal Bureau of Investigation bring down a cyber-criminal ring responsible for infecting more than 11 million computers with “Yahos” malware and causing more than $850 million in losses. The social network helped identify the criminals and affected accounts, leading the FBI and international law enforcement agencies to arrest 10 people involved with the crimes between 2010 and 2012.
Android SDK out of beta – Facebook this week brought the Facebook SDK 3.0 for Android out of beta. The SDK helps developers build social Android apps by providing native UI controls, simplifying session management and improving API support. Facebook says the beta SDK was downloaded more than 80,000 times in six weeks.
Nimble launches CRM app for HootSuite
Nimble this week announced a strategic partnership with HootSuite to help users manage their business network and track social conversations. Nimble combines users’ business contacts, emails, social communications and calendar activities into a single social contact manager. The Nimble app for HootSuite allows users to view their Nimble contacts in HootSuite, add new contacts and more. They can view contact information and a complete conversation history, along with follow-up tasks and other notes.
Instagram to take steps against spam – Instagram let users know late last week that the company is working to reduce spam on the service. “There’s no quick fix, but we have a team of engineers working every day to tackle the issue and we hope you’ll notice their improvements,” the company wrote in a post on Instagram. The company also encouraged users to continue to report the spam they see in comments on photos.
RTB companies await FBX certification – Real-time bidding providers [x+1], Optimal and Kenshoo are still waiting for official approval to be considered partners in the Facebook Exchange, AdExchanger reports. The companies have been providing FBX services either through an integration with AppNexus or another company, or have been allowed early access as they await evaluation from Facebook. After final approval, they’ll be added to the new PMD Center, which includes a section for FBX partners.
Some Facebook users have been posting status updates that include legal language they believe will protect their copyright and privacy. The meme is a hoax that began in May and is going viral again.
Facebook’s actual governing documents, including its “Data Use Policy” and “Statement of Rights and Responsibilities,” are in fact up for review, but users’ status updates will not have an effect on the outcome or even on their own protection. By creating a Facebook account, users agree to the terms in the Data Use Policy and Statement of Rights and Responsibilities. They cannot deny these terms with a status update. Further, the meme going around now includes erroneous references to the Berne Convention, Uniform Commercial Code and the Rome Statute, as seen below.
It’s likely that most people posting these updates are not aware that they can view Facebook’s latest policies and offer feedback here. This is not surprising, but it should be concerning to Facebook. Despite its efforts, the social network is still not well-trusted by users and misinformation spreads faster than ever because of the features it developed. [Update 11/26/12 10:52 a.m. PST - Facebook responded with a "fact check" on its Newsroom site here.]
Some top Facebook pages lost tens of thousands of Likes today as a result of Facebook’s attempt to eliminate false accounts and improve site integrity.
Last month the social network announced it would remove Likes obtained through malware, compromised accounts, deceived users or purchased bulk Likes. It seems a major component of this was pushed today, as many pages saw their daily new Likes dip into negative territory today, and other top growing pages experienced a lower new Like count than normal. This was first reported by TechCrunch, which discovered the change using our PageData tracking service.
Overall, page owners will benefit from this update, even if it means their fan counts are a bit lower. Facebook has said the update will, on average, remove less than 1 percent of a page’s Likes. The change will help page owners better reach the audience that matters and prevent them from being deceived by metrics that might be skewed by false accounts.
It’s unclear how the change will be reflected in Facebook Insights, which are currently two days behind for new Likes and unlikes. Page owners can visit our PageData to understand how their fan totals have been affected and how that compares to other pages of similar sizes and industries. For example, below are the stats for the InsideFacebook.com page, which shows new Likes per day in blue. We have lost seven fans since yesterday as a result of the change.
Facebook says 8.7 percent of its monthly active user total might violate terms of service and be either duplicate, miscategorized or “undesirable” accounts meant for spamming, according to a filing with the Securities and Exchange Commission.
In its quarterly report, Facebook provided updated numbers and new details about illegitimate accounts, which could represent about 83 million users. The company estimates 4.8 percent of its 955 million monthly active users are duplicate accounts. For instance, a user may use one account for connecting with work acquaintances and another for family and close friends.
Facebook says 2.4 percent of accounts are likely miscategorized accounts where users have created personal profiles for a business, organization or pet. These entities should be represented on Facebook with pages, not profiles, according to the social network’s terms of service.
Facebook also estimates that 1.5 percent of monthly active users are “undesirable accounts,” which are false accounts that are created for spamming or other purposes that violate terms. Earlier this week, a music startup claimed that 80 percent of clicks on its Facebook ad campaign came from bots. Facebook says it is investigating the claims.
According to Facebook’s quarterly report, the percentage of accounts that are duplicate or false is significantly lower in developed markets such as the United States or Australia but higher in developing markets such as Indonesia and Turkey. The company says it creates these estimates based on an internal review of a limited sample of accounts. Reviewers identify names that appear to be fake and other behavior that appears inauthentic.
In March, Facebook estimated 5 to 6 percent of its 845 million monthly active users could be false or duplicate accounts. At that time, the company did not offer estimates about what percentage of these accounts were duplicate, miscategorized or otherwise undesirable.