The new ‘dislike’ button that has got Facebook users talking over the past couple of weeks has been revealed to be a scam.
The scam tricks users into thinking they are downloading the dislike button, but in fact, they are allowing a rogue application to hack into their profile page. This then allows them to access their Facebook account and post messages as if they were that user.
The process of downloading the dislike button also lures the user into completing an online survey, for which the scam artists get paid for.
When users begin the process of installing the dislike button, they receive a message which says – “Download the official DISLIKE button now.”
Once users have clicked on this link they are then prompted to install what they think is the dislike button. It is in fact, a rogue application, which does not work as a dislike button, but gives the scammers access to that user’s profile.
In the final stages of the scam, users are pointed towards a Firefox add-on that installs the “dislike” button.
As soon as the user has agreed for the application to install the button, their profile is updated with the message – “I just got the dislike button, so now I can dislike all of your dumb posts lol!!!”
And this is just the start. The rogue application will continue to post comments from this user’s profile until the application is uninstalled.
Graham Cluley of security firm Sophos said this wasn’t the first “survey scams” to pop up, but it was popular as many people had been asking if a dislike button would be available soon.
Other ways of hooking people into survey scams is to tempt them with the idea that they will have access to a sensational video.
“One thing we commonly see is that the message starts ‘OMG, shocking video’,” he said.
“And they appear to come from your Facebook friend, giving it a ringing endorsement.”
A spokesperson for Facebook advised that people should not click on suspicious links, even if they appear to be from friends.
“Many people are giving permission for completely unknown apps,” Mr Cluley told BBC News. The surveys appear to be from genuine companies, he said.
“As far as we can tell, they appear to be legitimate,” he said. “It could be that the firms are not policing their affiliates properly.”
Mr Cluley said the add-on also appears to be legitimate.
Ron Sharpp, CEO of FaceMod, the maker of the add-on, told BBC News that his company was “in no way affiliated with the online scams”.
He said the firm had been sent “several support e-mails” asking about the surveys.
“In response, we’ve taken efforts to remind our users that those are not official posts and warning users not to download any version of our add-on from an alternate source,” he said.
The company is so concerned about the survey scams is has issued a warning on its Facebook page.
Facebook advised users that there was a “very quick process in place” to make sure that links and rogue applications were taken down quickly, and told their users that:
“They can report any posts to us. We can make sure that we take down any application or all of the links across Facebook.”
Mr Cluley didn’t think this was enough however, and said that although Facebook could respond quickly, rogue applications should be watched more closely.
“Anyone can write a Facebook app – these scams are constantly springing up,” he said.
Currently, all Facebook offer is a ‘like’ button, which allows people to show their appreciation for other user’s posts and comments. Facebook have no future plans to install a dislike button.