Since 2009, Facebook scams related to profile spies, profile stalkers and profile creepers have been on the rise. These scams are largely fueled by the rising interest of Facebook users in such services or applications.
In fact, as of the time of this writing, the number of people searching Google for the term “Facebook Spy” stands at 33,100 global monthly searches for the term, “Facebook Profile Spy” stands at about 14,800 and “Facebook Profile Tracker” at about 8,100.
Google trends collaborates this data by showing that the number of searches for the term “Facebook profile spy” increased by more than 20 times from 2009 to 2010 with US internet users being the most curious, followed by Canada, United Kingdom and Australia.
Google insights present a simpler way of describing the increase. “Breakout” – which simply means Google has given up counting ever since the increase in interest over the search term broke the 5,000% mark.
These figures practically beg the question. WHY? Why the unquenchable and intense need to know who views, stalks, spies, and scrutinizes our profile? More importantly, why the scams? To answer this, we may need to go back to where this all started – the proto-Facebook social networking sites, Myspace and Friendster.
Profile Spies, Trackers and Creepers Background
Remember Myspace and Friendster [for people living in Asia] ? These two social networks were the big boys on the internet social media industry before Facebook came along. What’s more, these two social networking sites offered their users ways in which they could track who had been viewing their profiles.
With Friendster, it was more straightforward, activating a feature enabled you to see the people who had viewed your profile recently. Of course having this option activated also meant that people you’ve been checking out could also see that you had been to their page.
Such freedom however proved to be a double edged sword (and one that may have killed MySpace in the long run). It was not long after that a scam group called Blue China unleashed the Stalker Tracker Scam on MySpace. Here users were encouraged to sign up for the Beta testing on a site outside of MySpace. Beta testers soon found out that their accounts were hijacked and used to propagate the scam.
Profile Spy, other scams and malware eventually got so rampant on Myspace that it didn’t take much convincing on Facebook’s part for MySpace users to switch social networks. At that time at least, Facebook promised to be a much cleaner social network with stricter privacy and security controls.
The only problem was quite a number of people missed the old features available on MySpace – particularly the ability to see who had been checking out their profiles. Profile traffic trackers, after all, are an integral part to some people’s social media experience and by ‘some people’, I mean lovestruck ones who need to know if their crushes have been viewing their profiles, girlfriends looking for signs of infidelity on their boyfriend’s accounts, paranoids, narcissists, etc, etc, etc.
Thus the current crop of Facebook Profile Tracker Scams is now in full force.
Facebook Profile Tracker, Stalker, Spy Scams Background
Here are some of the early profile stalker apps / scams on Facebook that I have stumbled upon while doing research on this topic:
Oct 2006: Unfaced: Developed by John Arrow, a student from Texas, way back in 2006. This was a tracker service that required users to sign up and place a link to their profile. The link would then take them to a webpage where their profile info would be mined and stored in order to compute their compatibility score. The information of who clicked on the link would then be sent to the Unfaced user.
Not long after the service was launched, Facebook shut down John Arrow’s personal profile and sent a cease and desist letter saying that the service was a serious violation of Facebook’s Terms of service.
June 2007: Trakzor: Similar to Unfaced, Trakzor was an opt-in service that required users to sign up in order for them to be tracked. Unlike Unfaced though, Trakzor only tracks Facebook users that have also installed the application. Users also had to log in to their Trakzor accounts first in order for their Facebook profile viewing to be counted.
These limitations may have been the reason why Trakzor was not as popular on Facebook as it was on Myspace [where it does most of the above mentioned functions automatically]. There currently is not a Trakzor application on Facebook.
May 2008: Gawker Post: A post on Gawker’s blog back in 2008 generated a lot of controversy when it said that pressing the down arrow button at the status bar in Facebook will show a list of 5 persons who viewed the user’s account the most.
Other users of Facebook who noticed this bug claimed that this was the result of a Facebook friend optimization algorithm while others claimed that it was the other way around, the list shows profiles you interact with the most. In any case, Facebook soon patched the hole preventing further speculation.
Aug 2009: Stalker Check [60,000 fans] and Fancheck: 2009 saw the rise in popularity of another Facebook tracker called Stalker Check – which was renamed Fan Check after it was taken down by Facebook. In fact, it became so popular not only in Facebook but in Google search that a malware scare developed around the service.
Unlike previous applications though, Stalker check and Fan Check does not actually determine who views user profiles repeatedly. Instead, these services rank the ‘stalkers’ and ‘top fans’ according to who interacts most with a particular user through comments, likes, etc.
Dec 2009: Profile Spy Group: Near the end of the same year, a Facebook spam group named Profile Spy attracted more than a Million members in just a few days. The group promised the distribution of the profile spy ‘activation link’ as soon as the member count reaches 2,121,121. Moreover, the join group instructions also included a part wherein a potential member has to invite at least 200 friends and post a code in their url bar.
As expected, there was no profile spy and Facebook shut the page down soon after. It was later found out that the group was created by a boy in high school who claimed that he was just doing it for fun.
Another group named Profile Watcher soon took its place and amazingly, it was still able to attract more than 600,000 members of people hoping that Facebook indeed HAD a stalker application.
The demand for profile trackers in Facebook might be millions of users strong if we are going to use the number of profile tracker scam victims as a basis. Unfortunately, Facebook doesn’t seem inclined to grant users this capability anytime soon as we will see in the next section.
Facebook Policies Regarding Profile Traffic Tracking
[Article II of Profile Scam Series]
Perhaps the biggest glaring proof that profile trackers do not exist [at least legitimately] in Facebook is the fact that through the years, Facebook has repeatedly issued warnings, announcements and FAQs regarding profile trackers as a violation of the Facebook TOS.
Some examples that can be found in Facebook’s Help section are:
Here, Facebook is clear in saying that it does not provide this feature in its platform and 3rd party applications that claim to have this ability should be reported so that they can be removed.
Here Facebook is adamant about the fact that they DO NOT provide applications the capability to track profile views in Facebook. Given the information available to them, the most these applications can do is to monitor the number of people clicking the like and comment buttons on your profile page. This is what the application Stalker Check and FanCheck did. In the end, Facebook also took down their page.
Other advisories are as follows:
Facebook’s security page also tells the same thing regarding the issue:
The Facebook Security Center provides the following instructions for reporting an application:
The old version of Facebook’s DPP or Developer Principles or Policies also covered this restriction. DPP II.5b basically states that 3rd party applications are not allowed to track or estimate visits to and from a Facebook profile. This means that 3rd party apps that are claiming the ability to do so are in direct violation of this policy and may be taken down by Facebook. Upon time of writing, the newer version of Facebook’s DPP however doesn’t mention this restriction.
Facebook Help and Security Center are pretty clear about where it stands regarding profile spies, trackers, stalker applications, etc. In all cases, Facebook states that any such application claiming the ability to track profile visits are in direct violation of Facebook’s TOS and should be reported immediately.
10 Signs of a Facebook Profile Spy / Tracker Scam in Progress
[Article III of the Profile Scam Series]
One of the most viral real estate in Facebook is the newsfeed and this is usually what most profile scams use to propagate through the network. More often than not, the first clue you will have that a profile spy scam is in progress is seeing one or more of your friends posting updates or links about it in their profiles. Here are some recent examples:
2. The Links
Clicking the link that comes with the message will then take you to an application / group / fanpage or an external site. Links pointing to external sites are usually presented as a shortened url but you will be able to see the complete url on top of your browser upon opening their site.
Below are some of the urls that have been used by profile spy scams in the past:*http://seewhoviewed.fileave[dot]com
Did you notice that the main url of all the above links point to fileave.com? Fileave.com is a free web hosting site that lets its users upload content up to 50MB. Because it’s free, scammers usually use this web host as a base for their scams. In fact, below is a screenshot from McAfee’s report regarding the site:
Weebly.com is another site wherein you can create websites for free. They have paid premium services but you can create a free website using the free account. As such, scammers are also using this as a base for their scams.*http://whoviewsyou.weebly[dot]com
Thelikeportal.com is yet another such external site that users are sometimes redirected to when they like a fanpage or click on a link on their newsfeed. The site advertises itself as a base you can use in order to gain likes from something you have posted on Facebook. Although, McAfee and Norton both have nothing to report on the site, Allfacebook.com tagged the domain http://profileviewer1.thelikeportal[dot]com as one of the scam sites used by the profile spy scam last July 2010.
You will notice some warning signs and similarities when you encounter this type of external websites.
* One of these warning signs is a bad review from scam/spam reporting sites such as McAfee site advisor.
* Some sites will also have design and layout very similar to Facebook giving Facebook users the illusion that the website is a part of the Facebook platform.
* Weird sounding domain names: perhaps you will also notice that quite a number of these domains have weird sounding, long domain names or names that are outright violations of Facebook’s trademark. Some examples are: http://profile.isgreat[dot]org, http://photosonfacebook[dot]info/pspy, http://photosonfacebook[dot]info/pspy, http://whosviewme.t35[dot]com/fb.php, http://whosviewme.t35[dot]com/fb.php http://whosviewme.t35[dot]com/fb.php, http://whosviewme.t35[dot]com/fb.php and http://whoviewsyou.icantbelieve[dot]info.
* Of course, you should be wary of links pointing to sites found in free webhosting sites as well as websites with domain extensions that are not familiar to you. Scammers love free hosting and cheap domains. After all, they know their site wouldn’t be up for long.
Below are examples of profile spy scams that use fanpages or groups as their base.
3. Invite Friends
Some Facebook profile spy scams will also have special instructions that scam victims have to follow in order to be able to sign up for the service. As an example:
Invite all or at least xxx number of friends: If you are a moderator of a group or a fanpage, you will know that there is no way for page or group moderators to track the number of invites a member sends or even how many people actually joined because of those invites. Moreover, these is no way to set it up in such a way that a member will automatically be eligible to use the profile spy application once a certain number of referrals are reached. Instructions such as this are only meant to spread the scam to other networks and attract as many victims as possible.
4. Paste code on Browser, Download a Toolbar, etc
Profile spy scams will also sometimes trick users into copying a code on the page and pasting it on their browsers. Doing this will allow scripts to run on your computer that can download malware such as computer viruses, Trojans, keyloggers, etc.
Sometimes clicking on a link will redirect users to another page where they are instructed or tricked to download a toolbar, antivirus program, etc. One such scam tricked 300,000 people into downloading one. Downloading such toolbars or programs will result in the same thing: viruses and malware are downloaded into your PC.
One of the consequences of pasting such codes into your browser or downloading such toolbars is browser hijack. If this happens, you’ll see a lot of pop-ups when you open your browser and you will notice you are increasingly being redirected to shady sites owned by the scammers.
A comment of someone who has been infected through this method goes: “but it’s another link and a viral spam that has spread among me and my friends’ wall, now I can no longer make posts and comments on my Facebook account, all it does is post a link.”
5. The Phishing Scam
Sometimes a profile spy scam link will also take you to a page that looks a lot like the Facebook homepage. Sometimes, you might not even notice any difference unless you check the url on the top portion of your browser where you will see that the log-in page you are in is not https://www.facebook.com/ or http://www.facebook.com/.
Here, you will be asked to log in to Facebook again or will be asked to input your username or password to verify your account. As expected, once you do, your account is hijacked by the scammers and used to further propagate the scam to your friends.
6. The Landing Page
More and more of the recent profile spy scams are masquerading as applications. This is because as applications, downloading your user info for resell to their ad networks is much easier.
Application based profile spy scams will usually take you to a landing page upon clicking a link. Some examples of these landing pages are presented below.
7. The Application Request for Permission Screen
Upon clicking on the continue link on the landing page, you will then be taken to the application request for permission screen. This is where they will mine your profile for data that they can sell to their advertisers or use for their own ends. Notice the access my basic information and access my data any time request for permissions on the screencap below.
Rogue applications will often attempt to request for additional permissions that can be used to further propagate their scams. When you grant them the ability to “post to my wall” and “manage my pages.” You are giving the application developer the means to spam your friends with their scam message.
8. Like and Status Update Jacking
Upon clicking the allow button on the application request for permission screen, the scam message will then be automatically reposted on your wall. This will make the scam visible to your friends and attract more victims for the scam. Here are some examples on how your message will look like on your friends’ wall.
9. The Survey Scam /Verification Tests / Anti-Bot Tests
The next step and clue that you are falling victim to a profile spy scam are the things that these applications will make you do in order to be qualified to use the application.
Verification Tests: Here you will be asked to click on a sequence of buttons on the screen supposedly so that they can verify that you are a human user. The buttons are however overlaid on the like and share buttons so in effect what you are doing is liking and sharing the application on your profile page.
Survey Scam: Another variation of this is that you will be asked to take a short survey where your information is captured to be qualified to use the application. The answers you input in these surveys can then be used in several ways.
1. They can sell the information you have given in the survey to pay-per-lead networks or advertisers.
2. The can sell your email address to email spam networks or shady mailing list companies. Your email will then be bombarded with email spam or emails containing malicious links.
3. They will profit from personal information you have provided such as your mobile number or credit card number [this will explained in next section].
Below are some examples of these survey or verification pages:
10. Mobile / Credit Card Subscription Scams
If you will notice in the screencap posted above, there’s a barely legible text that says that giving your mobile number automatically signs you up to a premium mobile subscription service that costs $9.99 per month. Other scams charge your phone as much as $19.99 per month.
Imagine 300,000 profile scam victims unknowingly paying $9.99 each for a mobile subscription service. That’s a whooping $2,997,000 monthly for the scammers!
All the above given reasons and scenarios are precisely the reasons why you should always be wary of suspicious applications and links on Facebook. Don’t be the next scam victim. Protect your friends and help others learn how to protect their security and privacy on Facebook. Stay updated on the latest Facebook profile spy scam, game scams, etc. Join our Facebook page and be a part of the Facecrooks community – your social media watchdog.