No, it wasn’t hackers or viruses. The Internet blame game.

Only a couple of days we reported on a viral phishing scam that hit Facebook resulting in a surge of spam links posted on users timelines directing to phishing websites.

Users who clicked the links were directed to a spoof Facebook login page that stole the username and password entered into it, giving criminals access to the account, which in turn resulted in that user’s account sending out the same spam links to their friends.

It highlighted a common phenomenon that we often encounter when attacks like this occur, and that is the tendency for those affected to blame the entire incident on viruses or “hackers”.

No doubt encouraged by how television stereotypically depicts Internet security, when unpredictable or undesirable events happen to our online properties – such as our Facebook accounts – it is perhaps too easy to lay the blame on the doorsteps of terms that we are familiar with, without fully understanding what they mean.

So for example, when our computer starts behaving erratically, we blame viruses. When our Facebook accounts begin posting spam links, we accuse hackers.

The problem with this mindset however, is that is shifts the responsibility away from us – the user – to someone else. We refuse to take accountability, and assume that the entire incident was out of our hands, and the work of malicious cyber-criminals.


Sponsored Content. Continued below...




But this is rarely an accurate reflection on what is actually happening. Whilst criminals do play a part in online attacks, as with most Internet scams they rely on their victims playing the most crucial role to their own downfall. Criminals rely on their victims not sufficiently educating themselves to online scams that are, for the most part, unoriginal, dated and easily avoidable.

For example the recent viral phishing scam. There were no viruses, and no hackers. No one magically compromised your Facebook account, and no one infected either Facebook or your computer with a virus. This was a relatively primitive type of phishing scam that’s been around for years, but still manages to trick many into compromising their accounts.

It was a scam that relied on people clicking a suspicious link, as well as entering their Facebook login details on to a spoof website that did not belong to Facebook – both activities that could be easily preventable had the victim known what to look out for, and how these scams work.

But as is common with such scams, many didn’t know what to look out for, and fell for the scam as the criminals had intended. After which, they assumed that “there’s a virus on Facebook” or “hackers hacked my account” when neither was remotely true.

Understanding basic security principles is vital and perhaps the most important component to keeping yourself safe online. And this involves understanding that for the vast majority of scams out there, it’s the criminals relying on you to make basic errors in judgement. Without those errors, criminals cannot access your Facebook account, they cannot post spam links from your account, and they cannot infect your computer with viruses.