Scammers look for any and every opportunity to exploit a vulnerability or privacy loophole found on Facebook. Their latest tactic is to tag users in photographs. Scam wall posts are no new thing, and these spam messages often contain funny, sexy or outrageous images. This is a way for the scammer to grab someone’s attention and try to lure them in. Now they have gone a step further. The images used in the scam wall postings are now showing up with users tagged in them.
Take a look at these images we discovered just yesterday:
Obviously, this large number of Facebook users are not present in the photograph. Anyone tagged in this image will receive a notification when they login into Facebook that they have been tagged in a photo. The scammer is hoping this notification will lure the user to original spam message, which contains a link to a scam site or rogue application.
Here is another example from a scam circulating yesterday:
Notice the scam message at the bottom of this Facebook page: “How much time have you WASTED on Facebook???” So how can you stop these scammers from tagging you in photos. Well, the bad news is that you can’t! Facebook’sprivacy settings (or lack thereof) allow any of your friends and applications to tag you in a photograph. Your only recourse is to remove the tag once you receive the notification. Hopefully, Facebook will change this in the future an require user approval for all photo tags, but don’t hold your breath. In fact, click here and suggest this to Facebook now. If they get enough complaints on the issue, perhaps they will take action.
If curiosity gets the best of you and you end up clicking on a scam link, make sure you clean up your news feed and remove any rogue applications installed.
How to Deal with the Scam:
Facebook currently allows your friends to tag you in photos, and there is no way to disable this feature. One thing you can do is to adjust the privacy setting that will allow no one else to see the photos you are tagged in. In the right-hand corner, click Account –> Privacy Settings –> Customize Settings:
After you click on “Customize Settings,” scroll down to the “Things others share” section. Here you will edit “Photos and videos you’re tagged in”
Click “Edit Settings” and select “Only Me.” Even if you are tagged by a friend’s rogue Facebook application, only you will see the tag:
*This setting will stop ALL of your friends from seeing ANY photo’s you are tagged in or tagged yourself in. So even the tagged photos you want people to see, will no longer be seen.
Another defense against the photo-tagging exploit is to control the “Info accessible through your friends” This will limit the information available to applications, games and websites when your friends use them. Please note, this will NOT stop a Rogue Application from tagging you in a photo that IT places on one of your friends walls. It will only stop the rogue app from accessing YOUR Photos through your friends.
You will need to access your privacy settings to complete the next set of actions (Account/ Privacy Settings/ Applications & Websites.)
Click “Edit your settings” then scroll down a bit until you see “Info accessible through your friends” – click the “Edit Settings” tab here.
On this screen, deselect the “My photos” box and click “Save Changes.” This will not give Facebook applications access to your photos.
These may be extreme but necessary precautions until Facebook gets a handle on the Photo Tagging exploit currently in use by scammers!
If you or your Facebook friends are falling for tricks like this, it’s time to get yourself informed of the latest threats. Be sure to join the Facecrooks page on Facebook to be kept informed of the latest security issues. Also check out: