People Having Facebook Security Issues

Recently a friend of mine found that his Facebook account supposedly posted on all of his friends’ walls that there was a free iPhone4 to be had, if they would just “click here.”

Of course it was bogus. The question I pose to Facebook is: “Why does this keep happening?”

We spent some time going through each of the Security settings to see if there was any application exposure. I always advise folks not to add third-party applications to their Facebook profiles unless they check out the author/vendor, but sometimes the temptation of a fun app causes caution to be thrown to the wind.

We discovered that there was a whole list of applications that still had access to his account. He had used these in the past, but when he checked the list of applications, he did not notice the drop-down menu at the top of the application list. By default, it does not show you all of the applications that have access to your friends list and profile. You have to open the menu and select “Authorized” in order to see all of the applications to which you have given permission to access your account.

I’m not sure his account was truly “hacked,” although that is the common term used to explain this anomaly. It reminds me more of SPAM, wherein the sender can spoof the e-mail reply address of someone else. Does Facebook have similar security issues where a crafty developer can write code that will read your friends list and then pump out bogus wall posts on all your friends’ walls in the hopes of getting them to click on a link that likely will install a virus on their systems? I’m actually not sure, but I’m suspicious.

Regardless, my advice is to remove all of that “stuff” from your Facebook account and stick only with the Facebook built-in functions. Yes, I know they are fun. Yes, I know people like them. But honestly, doesn’t all of that stuff just chew up your valuable time?

For those of you who want the steps, here goes:

  1. Log in to Facebook
  2. Select “Account” then “Application Settings” from the top menu bar
  3. Drop down the menu next to “Show:” and select “Authorized”
  4. Click the “X” to delete every application you are not sure of or do not recognize from your account
  5. Change your password by going to “Account” then “Account Settings” and clicking “Change” under Password

Try to resist adding applications to your profile. Bad things could happen. 😛

