Beware Remove your Facebook Timeline scams

Filed Under: Facebook, Featured, Malware, Social networks, Spam

Not everyone is a fan of Facebook's Timeline feature. And that's a fact of which spammers and scammers are happy to take advantage.

Take this spam message received by a Naked Security reader, for instance.

Remove Facebook Timeline spam

If you click on the link you are taken to a website created just a couple of days ago, whose domain is registered in Turkey.

Timeline remove website

If you take a look at the website, you'll see that it encourages you to install a Firefox or Chrome add-on to remove the Facebook Timeline from your account.

Timeline remove website

Should you install it? Well, we're still analysing the add-ons in our labs, but hopefully - at the very least - you would check the terms of use first.

What's that? You never check the small-print before installing software on your computer? Shame on you..

In this case, the terms of use are all in Turkish. No English translation is available (although the authors helpfully point to Google Translate which transmogrifies phrases like "Remove Timeline" to "Escape Time Tunnel".. sounds like a 1960s sci-fi TV show to me..)

Timeline remove website terms of service

For those who did bother to read the terms of use, things are pretty clear. Even if you don't speak Turkish.

"If you are not living in Turkey don't use this plugin, this is for only users who living in Turkey."

Hmm.. My advice would be to avoid installing this software. And that's even before SophosLabs has analysed the suspicious plugins!

Make sure that you keep informed about the latest scams spreading fast across Facebook and other internet attacks. Join the Sophos page on Facebook, where over 180,000 people regularly share information on threats and discuss the latest security news.

, , , , ,

You might like

19 Responses to Beware Remove your Facebook Timeline scams

  1. leslie · 1227 days ago

    Always nice to see something like this warning people, to bad its scammers like this i cant get away with my harmless pranks of tricking people into getting timeline

  2. lewis · 1227 days ago

    I seen similar to this lastmonth one of teh sites was prompting you to run a Java Applet which was obviously a Trojan.

    Also i seen a site that requires you to fill in a survey for the guide on how to revert the timeline back to the original FB, then within the guide it asks you to install a browser addon which was the recent/ latest threat called Lilly Jade. Lilly jade is a plugin that works on all browsers and it replaces adds on websites with the spammers adsense code which gains them allot of money.

    I would love to see sophos warn people abour Lilly jade as i think it is a big threat and publically available to purchase.

  3. Wendy Saunders · 1227 days ago

    Thank you for another timely save. I received one of these, but since I actually LIKE Timeline, I didn't click on it, but something about it triggered my "Spidey-sense". Later I received an all caps warning from a friend claiming installing it had crashed her computer. I'll be watching to see what your lab's findings are. Thanks again.

  4. Bob · 1227 days ago

    Social Fixer (formerly known as Better Face Book) is a legit tool that fixes a lot of the recent Facebook "features". Not sure how much of timeline it actually un-does, but I wouldn't use FB without SF.

    Nothing can tell you who looked at your profile (another FB scam) but this add0in does tell you when someone un-friends you or re-friends you. And it has lots of other cool features.

  5. Machin Shin · 1227 days ago

    Is it just me that thinks it is sad that scammers are better able to see what people want than Facebook? How many scams are out there where people just want to customize Facebook and scammers prey on them? Simple solution to all this, Facebook needs to wake up and give people what they want instead of forcing conformity.

  6. njorl · 1227 days ago

    I see that having a plug-in in my browser may be able to block the time line when I view a profile in it. If I get all my "friends" using the plug-in, then my time line has effectively gone, but only for so long as my friends stick with the plug-in.

    Removing my time line from all viewers (whether or not they use the plug-in) necessitates changing my profile, and, apparently, Facebook, deliberately, does not support such a change. So, for the plug-in to accomplish this, it would have to exploit some bug / vulnerability in Facebook. Depending on the details, could using such a plug-in constitute hacking / "wire fraud" and earn us summary extradition to the USA?

  7. Des Farthing · 1226 days ago

    Has anyone else been getting this message recently? It looks like a spoof even to my uneducated eyes! Anyway I'm not inclined to pass it on until I know whether it's real.

    Do not open any message with an attachment called:"Invitation FACEBOOK", regardless of who sent it.
    It is a virus that opens an Olympic torch that burns the whole hard disc C of your computer. This virus will be received from someone you had in your address book.
    That's why you should send this message to all your contacts. It is better to receive this email 25 times than to receive the virus and open it.
    If you receive E-MAIL called: "Invitation FACEBOOK", though sent by a friend, do not open it and delete it immediately. CNN said it is a new virus discovered recently and that has been classified by Microsoft as the most destructive virus ever.
    It is a Trojan Horse that asks you to install an adobe flash plug-in. Once you install it, it's all over. And there is no repair yet for this kind of virus. This virus simply destroys the Zero Sector of the Hard Disc, where the vital information of their function is saved.

  8. dba · 1226 days ago

    It looks like a keylogger to me. Obvious! Install plugin, Login to facebook = Keylogger. Allways double check programs (google it, google author,...) Certificates look stupid, but they come in a handy, check them! Terms? Read them, especially the small letters!

  9. Chris A · 1226 days ago

    Thanks for that, My friend just now on Facebook thought he removed his Timeline, I think he used this from his email. Its too late for him but thanks for the post to let my other friends know.

  10. davide languedoc · 1226 days ago

    Although this advice is very wise, There are actually legitimate add-ons for altering the display of timeline' so don't throw the baby out with the bathwater. For example the FB Purity browser extension is 100% safe and can be used for viewing timeline in a single column layout , and it also protects you from viral Facebook application spam as it automatically hides all location messages from your news feed and makes it easier to block those apps and also provides lots of other functions for making using Facebook much less annoying

  11. Noah · 1225 days ago

    I clicked on it using my iPod and it said "hacked by mangu" should I be worried ??

  12. Jenn · 1225 days ago

    I'm really beginning to think I'm one of the only people left in the US that has managed to NOT be updated to the new Timeline and it makes me wonder how much longer I can hold out...

  13. john · 1224 days ago

    There are still others, including me, who do not use Timeline and are therefore pestered by FaceBook frequently 'to get the new timeline'. FaceBook should at least offer us the option to say 'No, I'm not interested' just one time and then quite bugging us about it.

  14. Jonas · 1174 days ago

    So many of my friends have had their lives ruined by use of Facebook I would suggest deleting the whole can of worms.

  15. Cyndi · 1131 days ago

    Stupidity should be painful! That's all I have to say.

  16. NoXoS · 1109 days ago

    I must laugh.....the app's on face book are the most dangers and members click to see a video, to play games , to get there horoscope, all theses links take you out side of facebook
    and the most dangers. and there the one's no one talks about.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog at, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley