Many Facebook users have contacted the Naked Security team this weekend, reporting that they have fallen victim to a fast-spreading scam that claims you can find out who is stalking you on Facebook and viewing your profile.
Judging by the number of messages posted on the site, the scam spread hard and fast affecting many users. And although Facebook's security team appears to have been mopping up the mess, and removing the rogue applications and messages, there's always the chance that it will resurge in a slight different form before too long.
One of the most commonly seen scam messages read:
I just saw who STALKS me on Facebook! You can see who creeps around your profile too! [LINK]
Clicking on the link would take you to a rogue application, that claimed it would tell you who was viewing your Facebook page.
If you approved the subsequent request for the application to be able to access your profile, your own Facebook account would publish the scam link, passing it virally onto your Facebook friends.
The purpose of the scam and the reason why the bad guys wanted it to spam out so quickly? Every user is requested to fill in a survey, which generates money for the scammers behind the scheme.
So, here's an important message for all Facebook users. There's no way for you to find out who has been viewing your Facebook profile, or your total number of Facebook profile views, and Mark Zuckerberg isn't asking you to verify your account either.
If you have been hit by scams like this on Facebook, and are struggling to clean-up your profile, here's a YouTube video I made which describes what steps you need to take:
(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like)
Make sure that you keep informed about the latest scams spreading fast across Facebook and other internet attacks. Join the Sophos page on Facebook, where over 50,000 people regularly share information on threats and discuss the latest security news.
Hat tip: Thanks to all the Naked Security readers who informed us about this fast-spreading scam.
![Password security infomerical leaves Ellen DeGeneres in disbelief.. and it will you too [VIDEO]](http://sophosnews.files.wordpress.com/2013/04/ellen-thumb.jpg?w=75&h=75&crop=1)
![Can multiple moving cursors really hide your password from spyware and peepers? [VIDEO]](http://sophosnews.files.wordpress.com/2013/03/cursors-thumb.jpg?w=75&h=75&crop=1)
I am always surprised at how many of my friends allow these (or fall for these) apps into their profile. What I don't get is why Facebook continues to allow these apps onto their site.
just one thing - I've had soooo many of these on my facebook wall that I'd stopped reading them and just started clicking them all to report as spam, by the profile creeps picture at the side..... When my friend posted your article on facebook with the profile creeps picture at the side i deleted it and reported it as spam with all the other ones - by accident - because it had the smae picture in the same place and I wasn't for reading all the rubbish in all the rest of them - maybe altering the picture a little bit might prevent this from happening to pther people?
What I don't understand is why anyone would care? It is a social network site and I expect people I have as friends to look at my profile. Yet I see where others will use the apps.
Actually there is a way to know who is stalking your FaceBook page. They tell you they did.
evey time i have logged on on my wall is a message to verify account is this a scam to then?
You mean like the one described at http://nakedsecurity.sophos.com/2011/02/01/facebo... ?
That's a rogue app/survey scam.
If its a whole page block and require you to verify your account with friend's name, its not spam.
your right about that. i agree with you cause it has happened to me plenty of times here on facebook. I am glad that facebook takes action. I like it when they do make you verify the account even with your friends list.
Why can't facebook regulate the apps! Too many rogues wild in Facebook. If I were the member of Facebook, I would make it so that all apps must be approved first before it becomes live. Also can't they make a system to scan the apps for any common keywords?
I also agree that they should regulate the apps. For there is way to many on here.
Why not just be nice and leave the apps so homeless people can feed their children?
I feel like a big dummy. I fell for the the Profile Creeps app. I have since disabled all apps. I still feel like a fool.
What we say on facebook never gets deleted. Even if you were to try to delete it. It only get deleted to our own eyes. It will still stay there if some really wants it and have the right to get it.
For all of us who are concerned about Facebook issues we have created the website called Avoid Facebook @ http://www.AvoidFacebook.com
I fell for the the Profile Creeps app. I have since disabled all apps. I still feel like a fool.
I'm an absolute idiot . I have never fallen for this crap before but since it was in the Facebook environment I trusted that there were some measures in place to keep us users safe. Again I feel like such an idiot. I gave actually gave my real information. Am I screwed! I am quite concerned about this. Any information would be appreciated!
no, you give the information to facebook too
and your friends give their information as well and everything is fine with that.
so you are fine
this surveys dont ask for your credit card or anything like that
they are just market research surveys
I clicked on profile creeps, didn't click "allow" (backed out) and now that i'm reviewing my security I found the app on my app list. BUT not on the easy to see list (it wasn't there), I could only see it when I clicked "turn off all platform apps." I then tried to remove it, but the option to remove just one app didn't work. I watched your video, went back to the same page and it was gone.
Here's the latest with this scam...if you have it it adds images to your photo albums and tags your friends in them.
I had two mailings sent to my primary email and was from my friend. I clicked the hyperlink which auto-logged me to FB and now I cannot get rid of the creeper. it appears in two profile picture slots just below my name.
I logged off changed my password etc. I confronted my friend and asked her why she sent it, she said " she wanted to know who was looking at her profile lol !
The video is not applicable as it does not show up anywhere but in my picture bar at top of page just below my screen name >?
scott go to your pictures click on the one you want to get rid of look for your name under the picture next to your name is remove tag click on it now go to the top right corner of the picture click on the x and that should get rid of it
I got two of these from "XXX (someone I DO know and who is a friend) tagged you in a photo... It showed the list. I clicked ONLY on "remove tag" by my name... because really, don't want the tags anyway. Is that relatively safe? I didn't get a "allow aps" which I always tell NO....
But I think It'd be interesting if we had a chance to know it. Sure, if you wouldn't want to tell the others you were looking for someone's profile, so a simple way - you could set your visibility. Just to try it isn't the worst idea. -)
getting SUPER irritated with this one already!!!
first off...i do NOT click on any of those kind of links or any links unless i KNOW it was sent by a friend {i usually ask just to make sure}
i have been tagged in a couple of them, removed the tag, blocked the app {along with quite a few others} reported it as spam and yet i'm STILL seeing that stupid little guy in the top row pictures in of profile...when i click the "X" to remove it it says i don't have permission to do that...what else can i do???
also even though it's there usually just for me to see, i did put out a warning to my friends if they get tagged to do as i did about marking it as spam and reporting it and that i of course didn't tag them in it.
I'm getting the Profile Creeps on my photostrip at Facebook, but don't dare click on it.
It shows circles and a slash where two or three of my photos were before, then the next shows the picture you have above of Profile Creeps.
I edited my account so the photostrip is only visible to myself, but I still got that again last night. I don't see how it can get on there.
I emailed Facebook and got a generic message that they can't answer every question, so I have no idea if they'll do anything about it.
Not sure what else to do.