Facebook stalkers and profile creeps - rogue apps spread virally

Filed Under: Facebook, Rogue applications, Social networks, Spam

Many Facebook users have contacted the Naked Security team this weekend, reporting that they have fallen victim to a fast-spreading scam that claims you can find out who is stalking you on Facebook and viewing your profile.

Judging by the number of messages posted on the site, the scam spread hard and fast affecting many users. And although Facebook's security team appears to have been mopping up the mess, and removing the rogue applications and messages, there's always the chance that it will resurge in a slight different form before too long.

One of the most commonly seen scam messages read:

I just saw who STALKS me on Facebook! You can see who creeps around your profile too! [LINK]

Clicking on the link would take you to a rogue application, that claimed it would tell you who was viewing your Facebook page.

Find your Facebook stalker

If you approved the subsequent request for the application to be able to access your profile, your own Facebook account would publish the scam link, passing it virally onto your Facebook friends.

The purpose of the scam and the reason why the bad guys wanted it to spam out so quickly? Every user is requested to fill in a survey, which generates money for the scammers behind the scheme.

So, here's an important message for all Facebook users. There's no way for you to find out who has been viewing your Facebook profile, or your total number of Facebook profile views, and Mark Zuckerberg isn't asking you to verify your account either.

If you have been hit by scams like this on Facebook, and are struggling to clean-up your profile, here's a YouTube video I made which describes what steps you need to take:

(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like)

Make sure that you keep informed about the latest scams spreading fast across Facebook and other internet attacks. Join the Sophos page on Facebook, where over 50,000 people regularly share information on threats and discuss the latest security news.

Hat tip: Thanks to all the Naked Security readers who informed us about this fast-spreading scam.

, , , ,

You might like

24 Responses to Facebook stalkers and profile creeps - rogue apps spread virally

  1. Kristoffer · 1172 days ago

    I am always surprised at how many of my friends allow these (or fall for these) apps into their profile. What I don't get is why Facebook continues to allow these apps onto their site.

  2. Lucy · 1172 days ago

    just one thing - I've had soooo many of these on my facebook wall that I'd stopped reading them and just started clicking them all to report as spam, by the profile creeps picture at the side..... When my friend posted your article on facebook with the profile creeps picture at the side i deleted it and reported it as spam with all the other ones - by accident - because it had the smae picture in the same place and I wasn't for reading all the rubbish in all the rest of them - maybe altering the picture a little bit might prevent this from happening to pther people?

  3. Patty · 1172 days ago

    What I don't understand is why anyone would care? It is a social network site and I expect people I have as friends to look at my profile. Yet I see where others will use the apps.

  4. Ema · 1172 days ago

    Actually there is a way to know who is stalking your FaceBook page. They tell you they did.

  5. jo davies · 1172 days ago

    evey time i have logged on on my wall is a message to verify account is this a scam to then?

  6. Thu Win · 1172 days ago

    Why can't facebook regulate the apps! Too many rogues wild in Facebook. If I were the member of Facebook, I would make it so that all apps must be approved first before it becomes live. Also can't they make a system to scan the apps for any common keywords?

    • Sebrina · 733 days ago

      I also agree that they should regulate the apps. For there is way to many on here.

  7. Stewart · 1172 days ago

    Why not just be nice and leave the apps so homeless people can feed their children?

  8. Mix · 1172 days ago

    I feel like a big dummy. I fell for the the Profile Creeps app. I have since disabled all apps. I still feel like a fool.

  9. What we say on facebook never gets deleted. Even if you were to try to delete it. It only get deleted to our own eyes. It will still stay there if some really wants it and have the right to get it.

    For all of us who are concerned about Facebook issues we have created the website called Avoid Facebook @ http://www.AvoidFacebook.com

  10. pula · 1171 days ago

    I fell for the the Profile Creeps app. I have since disabled all apps. I still feel like a fool.

  11. Sasha · 1170 days ago

    I'm an absolute idiot . I have never fallen for this crap before but since it was in the Facebook environment I trusted that there were some measures in place to keep us users safe. Again I feel like such an idiot. I gave actually gave my real information. Am I screwed! I am quite concerned about this. Any information would be appreciated!

    • Cookie · 1161 days ago

      no, you give the information to facebook too
      and your friends give their information as well and everything is fine with that.
      so you are fine
      this surveys dont ask for your credit card or anything like that
      they are just market research surveys

  12. littlehand · 1145 days ago

    I clicked on profile creeps, didn't click "allow" (backed out) and now that i'm reviewing my security I found the app on my app list. BUT not on the easy to see list (it wasn't there), I could only see it when I clicked "turn off all platform apps." I then tried to remove it, but the option to remove just one app didn't work. I watched your video, went back to the same page and it was gone.

  13. Patrick · 1109 days ago

    Here's the latest with this scam...if you have it it adds images to your photo albums and tags your friends in them.

  14. scott · 1107 days ago

    I had two mailings sent to my primary email and was from my friend. I clicked the hyperlink which auto-logged me to FB and now I cannot get rid of the creeper. it appears in two profile picture slots just below my name.
    I logged off changed my password etc. I confronted my friend and asked her why she sent it, she said " she wanted to know who was looking at her profile lol !

    The video is not applicable as it does not show up anywhere but in my picture bar at top of page just below my screen name >?

    • nancyann pleau · 1106 days ago

      scott go to your pictures click on the one you want to get rid of look for your name under the picture next to your name is remove tag click on it now go to the top right corner of the picture click on the x and that should get rid of it

  15. J Dudley H · 1106 days ago

    I got two of these from "XXX (someone I DO know and who is a friend) tagged you in a photo... It showed the list. I clicked ONLY on "remove tag" by my name... because really, don't want the tags anyway. Is that relatively safe? I didn't get a "allow aps" which I always tell NO....

  16. Natálie Čermáková · 1104 days ago

    But I think It'd be interesting if we had a chance to know it. Sure, if you wouldn't want to tell the others you were looking for someone's profile, so a simple way - you could set your visibility. Just to try it isn't the worst idea. -)

  17. angela · 1102 days ago

    getting SUPER irritated with this one already!!!
    first off...i do NOT click on any of those kind of links or any links unless i KNOW it was sent by a friend {i usually ask just to make sure}
    i have been tagged in a couple of them, removed the tag, blocked the app {along with quite a few others} reported it as spam and yet i'm STILL seeing that stupid little guy in the top row pictures in of profile...when i click the "X" to remove it it says i don't have permission to do that...what else can i do???
    also even though it's there usually just for me to see, i did put out a warning to my friends if they get tagged to do as i did about marking it as spam and reporting it and that i of course didn't tag them in it.

  18. Morgan Mandel · 1098 days ago

    I'm getting the Profile Creeps on my photostrip at Facebook, but don't dare click on it.
    It shows circles and a slash where two or three of my photos were before, then the next shows the picture you have above of Profile Creeps.
    I edited my account so the photostrip is only visible to myself, but I still got that again last night. I don't see how it can get on there.

    I emailed Facebook and got a generic message that they can't answer every question, so I have no idea if they'll do anything about it.

    Not sure what else to do.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley is an award-winning security blogger, and veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.