My Facebook account is sending spam. Have I been hacked?

If you notice that your Facebook account is posting links, publishing status updates or sending messages by itself, then this is a sure-fire way of knowing that something isn’t quite right.

Whether your account is posting links to your timeline, messaging your Facebook friends or commenting on posts by others, if it is doing it automatically, then something has gone wrong.

And while many may be a little trigger-happy to lay the blame firmly at the doorstep of nefarious “hackers”, this is actually not usually the case (and nor are most things we like to blame hackers on.)

While something is certainly wrong with out account, we’ve probably not been hacked in the way we think we have. In reality, we’ve almost certainly fallen for an Internet scam and inadvertently afforded spammers or crooks the ability to post from our Facebook account. In all likelihood, we’ve either given a rogue app permission to post rubbish from our account, inadvertently handed over our login password to cyber-crooks, or possibly (though more rarely) given permission for a rogue browser extension (or malware) to install on our device.

Any of those explanations could result in a crook sending messages from our Facebook accounts, and yet all of them rely on us – the victim – compromising our own security to work. No magical techy wizardy from hackers is really required (though blaming it on nefarious hackers certainly allows the victim to shift the blame from what is most certainly their own security faux pas.)

The bottom line is this – if a Facebook account is automatically posting spam links, comments or messages, then the account owner has most likely compromised their own security.


Sponsored Content. Continued below...




So let’s dig deeper into what has happened if our account is posting spammy links or chat messages by itself…

Installing a spammy Facebook app. Facebook is full of such apps, and many of them ask for permission to post content from the account. A permission which is granted from a Facebook user flippant about their security. In this case the spam can be stopped by uninstalling the Facebook app.

Entering your login information on a spoof webpage. It’s called phishing. The crook tries to trick the victim into visiting a webpage that looks and feels like the Facebook login page. Only it isn’t – something that can easily be confirmed by looking at the web address of the page. However the security “unconscious” Facebook user enters their password and username, giving a crook the ability to access the account and post from it whatever they want. For this to stop, you need to change your password and preferably activate login approvals. And stop entering your password into webpages that don’t belong to Facebook, of course!


Sponsored Content. Continued below...




Malware or browser extensions. Remember koobface? That was a type of malware specifically designed to cause havoc to any Facebook account associated with the infected computer. Strains of malware and rogue browser extensions can still cause your Facebook account to post spam, so ensuring you don’t install any untrustworthy software on your computer will most likely be enough to prevent this.

Hackers are rarely to blame for Facebook intrusions. In fact hackers are rarely to blame for the vast majority of security related accusations that are aimed in their direction. Vaguely blaming our security mishaps on the malevolent doings of hackers allows us – the victims – to shift the blame.

Giving up your password to a cybercrook isn’t getting hacked. Deliberately installing a Facebook app or a rogue browser extension that proceeds to post spam from a Facebook account isn’t getting hacked. This is compromising your own computer security and giving spammers and crooks the upper hand.

Educating people about online security is vital. Shifting the blame and remaining ignorant of the risks helps no one.