Facebook’s uphill battle against rogue apps
OMG! I can’t believe the see-who’s-viewing-your-Facebook-profile scam is back again! And that so many people are falling for it!
A Facebook app called ProfileSpy is purporting to offer Facebook members one of the most demanded services Facebook won’t allow: data on who is looking at your profile. Facebook knows, of course, since it collects that data. If you had a web site or a blog, you could track it easily for free. But Facebook won’t share it.
Neither will ProfileSpy, and other rogue apps like it. Instead, according to security software company Sophos, which alerted Facebook and others to the scam, the app will request permission to access private data, such as your picture, demographic data, lists of friends and any data you’ve shared with everyone. It will also ask that you let the app send you emails, post to your wall and log in as one of your pages. Then it will post an update to your friends that reads: “OMG OMG OMG… I cant believe this actually works! Now you really can see who viewed your profile!”
What it won’t do is let you know who is accessing your Facebook profile—but you won’t find that out until after you’ve let it scrape your private data onto its servers. It’s not the first time that rogue apps have tried this. Facebook has gotten better at fighting such scamming apps, but this one snuck through.
Scams and malware are an inevitable side effect of the web’s evolution, especially with a company growing and innovating as quickly as Facebook is. But in Facebook’s case, its insistence on collecting and sharing personal data with advertisers has created a platform that is all to easy for scammers to harvest this data for themselves. How Facebook handles that threat will affect its sustained popularity in the long term.