Understanding and Avoiding the Facebook "Dislike Button" Scam
Rumors of the Facebook "Dislike" button have been around nearly as long as the "Like" button has. If you can actively show your approval of your friends content, why not be able to "dislike" it as well? This demand for a Dislike button has been going on for so long that most people are sure that Facebook will release it and very quick to jump on any evidence that such a feature has been added into Facebook. It's through this anticipation that scammers have been taking advantage of other Facebook users.
The Facebook "Dislike Button" scams started out as more of an annoyance. Other users would create groups or fan pages claiming that you needed to join the group of page to get the button. That was innocent enough until links were added into these groups that would take people off site and try to get them to click on illegitimate links that would do anything from install viruses, prompt you for your Facebook login information or just spam your friend's walls with invites to fall for the same scam that you just did. The growing interest in Facebook applications has made this "Dislike Button" scam even more of a threat since many people don't understand how, exactly, applications work.
What is a Facebook application? It is something that a verified user creates and hosts on their own server and embeds it within Facebook. Anybody who can verify their account with a phone number of credit card can do this. The web page that you create is embedded inside of a frame in Facebook for anybody to access. You don't need to be a hardcore programmer to do this. In fact, you can simply create a web page that says "Hi, I'm on Facebook!" in plain text. On the contrary, you can create a complex flash game (such as the popular Farmville) and embed it into Facebook as well. The process of doing so is not very difficult, even for those with absolutely no HTML experience due to the abundance of guides and how-to's around the Internet.
How is a simple page like this so dangerous? Any of these applications can ask for "permission" to access your profile, wall, e-mail address and various other things. Think of any time you've taken a personality quiz or played a game on Facebook. Before you can play it, a box pops up asking you to grant permission to this application by clicking "Allow". Most legitimate applications use this to post things to your wall. For example, you need more bricks to build a house in a game on Facebook and you want to ask your friends to help. Or maybe you leveled up and you want to share it with your friends for an extra reward. You say you want to "Share" or "Publish" that information and it publishes to your News Feed. You see these alerts for many popular games such as Farmville and Mafia Wars. Aside from being a bit of a nuisance for those who don't play, it's never been intrusive or unsafe. Scam applications, like the "Dislike Button," took this to a whole new level.
We all know what one of these posts look like. It's something posted by a specific user prompting others to do something, such as "help" in a game. For example:
"Laura needs help fending off the Zombie horde! Click to help her out!"
You'll see an image coo responding to the game and then a line along the bottom that looks something like this:
"Tuesday at 10:19am via Zombie Attack · Like · Comment · Help Fight!"
This line lets you see the date and time it was posted, the name of the application that posted it, "like" the action and comment on it. That last bit of text, shown as "Help Fight!" in this example can be changed to whatever the owner of the application wants it to. For example, a different prompt from the same game could be something like this:
"Laura needs bricks to build her house! Click to send her bricks!"
Then the line at the bottom would say:
"Wednesday at 5:34pm via Zombie Attack · Like · Comment · Send Bricks"
You'll notice that this is the same application sending a notification, but they can customize the link at the bottom to coo respond with what the news feed post is asking for. Facebook has been very good in letting developers customize their news feed posts. The image, title, description and links can all be adjusted. Clicking "Send Bricks" or "Help Fight" brings you to the exact same place that clicking on the title or the image will.
Now that you understand how applications and news feed posts work, you may have a better idea of how these illegitimate applications are scamming users. The latest "Dislike Button" scam took the form of a news post and posted the following on users' walls:
"Facebook just launched the dislike button! Click 'Activate Dislike Button' to enable this new feature!'
The line below this said:
"Tuesday at 7:11pm via Reviews · Like · Comment · Activate Dislike Button"
People see the "Activate Dislike Button" and assume that it is legitimate because this is posted by a friend to their walls. How could their friend make a link like that? The answer is right in that same line:
"Tuesday at 7:11pm via Reviews"
This line here shows you that it is posted by an application, called "Reviews". The "Activate Dislike Button" could be named anything, just like "Help Fight!" and "Send Bricks" above. Clicking on "Activate Dislike Button" prompts you for permissions, which most people do because they assume this is part of the "installation" process. At this point you've given the application all the ammunition it needs: it can now access your friends and your news feed, and it takes advantage of this by using the Facebook "share" functionality to post this same message on all of your friends walls.
Now that you know the logistics of the scam, how do you avoid it? There are a few practices you can employ to be sure you don't fall for Facebook scams such as this:
1. Remember that you will never have to "install" a feature like this to Facebook. If a new feature is released it will be automatically added to the Facebook platform and you won't have to do anything. For example, remember when Facebook Questions, the official Facebook surveys were released not long ago? Those simply started appearing as an option, and were not something you had to "install".
2. If Facebook requires you to take any action it will be told to you by them, not by a friend posting a link. It will be published in your News Feed or as part of the actual interface by Facebook themselves.
3. Do you suspect that a page you liked or group you joined publishing in your news feed is simply posing as Facebook? Go to the Facebook Page or Group, scroll down underneath their "Likes" on the left hand side and see if there is a "Report this Page" link. If there is, it's a third party page or group and not officially by Facebook.
4. Before you click on a link, whether it says "Active Dislike Button" or "Help Fight!", hover over the link and see where it is going to take you to by looking at the address at the bottom of your screen. Does it point to something on facebook.com? If so, then it's most likely safe. If it points to a site you don't recognize, including a shortened url like bit.ly (which anybody can use), then chances are it's a scam. Still not sure? Send the friend a message first to make sure they sent it to you on purpose, and that it wasn't auto posted to your wall without their knowledge.
5. On the same note, always check your address bar. If you did click "Active Dislike Button", then you'll notice it brings you completely off Facebook. Facebook will never make you go off of their website to "install" a feature.
6. Be wary of anything that gives you instructions to paste some sort of script into your address bar. They can't get this script to load automatically, so instead they're bypassing it by trying to convince you to enter it manually. A legitimate application will never ask you to do this.
7. Be wary of "proof". Images can be altered to make it look like there's a "Dislike" button. Simple images or videos prove nothing unless Facebook themselves are releasing them.
8. If an application asks you for permission, as nearly all applications do, and you're suspicious of it, investigate the app further. On the permissions screen it will say:
"(Insert Application Name Here) is requesting permission to do the following:"
Click on the application name to check out the profile page for that application. Clicking on this does not give it permissions and will not harm your computer. You can see what other people are saying about the application, see how popular it is by looking at it's monthly users, see if it was developed by Facebook or an individual developer or even report or block the application.
With all that said, don't let this turn you away from all the amazing applications that are present on Facebook. Facebook is a wonderful platform with a lot of really fun games and very resourceful applications. There's a lot of hard working developers who legitimately work within Facebook's guidelines and use the permissions you grant them for nothing other than enhancing your experience using the application. The guidelines above are simply there to help you separate the good applications from the scams. Happy Facebooking!
The Facebook "Dislike Button" scams started out as more of an annoyance. Other users would create groups or fan pages claiming that you needed to join the group of page to get the button. That was innocent enough until links were added into these groups that would take people off site and try to get them to click on illegitimate links that would do anything from install viruses, prompt you for your Facebook login information or just spam your friend's walls with invites to fall for the same scam that you just did. The growing interest in Facebook applications has made this "Dislike Button" scam even more of a threat since many people don't understand how, exactly, applications work.
What is a Facebook application? It is something that a verified user creates and hosts on their own server and embeds it within Facebook. Anybody who can verify their account with a phone number of credit card can do this. The web page that you create is embedded inside of a frame in Facebook for anybody to access. You don't need to be a hardcore programmer to do this. In fact, you can simply create a web page that says "Hi, I'm on Facebook!" in plain text. On the contrary, you can create a complex flash game (such as the popular Farmville) and embed it into Facebook as well. The process of doing so is not very difficult, even for those with absolutely no HTML experience due to the abundance of guides and how-to's around the Internet.
How is a simple page like this so dangerous? Any of these applications can ask for "permission" to access your profile, wall, e-mail address and various other things. Think of any time you've taken a personality quiz or played a game on Facebook. Before you can play it, a box pops up asking you to grant permission to this application by clicking "Allow". Most legitimate applications use this to post things to your wall. For example, you need more bricks to build a house in a game on Facebook and you want to ask your friends to help. Or maybe you leveled up and you want to share it with your friends for an extra reward. You say you want to "Share" or "Publish" that information and it publishes to your News Feed. You see these alerts for many popular games such as Farmville and Mafia Wars. Aside from being a bit of a nuisance for those who don't play, it's never been intrusive or unsafe. Scam applications, like the "Dislike Button," took this to a whole new level.
We all know what one of these posts look like. It's something posted by a specific user prompting others to do something, such as "help" in a game. For example:
"Laura needs help fending off the Zombie horde! Click to help her out!"
You'll see an image coo responding to the game and then a line along the bottom that looks something like this:
"Tuesday at 10:19am via Zombie Attack · Like · Comment · Help Fight!"
This line lets you see the date and time it was posted, the name of the application that posted it, "like" the action and comment on it. That last bit of text, shown as "Help Fight!" in this example can be changed to whatever the owner of the application wants it to. For example, a different prompt from the same game could be something like this:
"Laura needs bricks to build her house! Click to send her bricks!"
Then the line at the bottom would say:
"Wednesday at 5:34pm via Zombie Attack · Like · Comment · Send Bricks"
You'll notice that this is the same application sending a notification, but they can customize the link at the bottom to coo respond with what the news feed post is asking for. Facebook has been very good in letting developers customize their news feed posts. The image, title, description and links can all be adjusted. Clicking "Send Bricks" or "Help Fight" brings you to the exact same place that clicking on the title or the image will.
Now that you understand how applications and news feed posts work, you may have a better idea of how these illegitimate applications are scamming users. The latest "Dislike Button" scam took the form of a news post and posted the following on users' walls:
"Facebook just launched the dislike button! Click 'Activate Dislike Button' to enable this new feature!'
The line below this said:
"Tuesday at 7:11pm via Reviews · Like · Comment · Activate Dislike Button"
People see the "Activate Dislike Button" and assume that it is legitimate because this is posted by a friend to their walls. How could their friend make a link like that? The answer is right in that same line:
"Tuesday at 7:11pm via Reviews"
This line here shows you that it is posted by an application, called "Reviews". The "Activate Dislike Button" could be named anything, just like "Help Fight!" and "Send Bricks" above. Clicking on "Activate Dislike Button" prompts you for permissions, which most people do because they assume this is part of the "installation" process. At this point you've given the application all the ammunition it needs: it can now access your friends and your news feed, and it takes advantage of this by using the Facebook "share" functionality to post this same message on all of your friends walls.
Now that you know the logistics of the scam, how do you avoid it? There are a few practices you can employ to be sure you don't fall for Facebook scams such as this:
1. Remember that you will never have to "install" a feature like this to Facebook. If a new feature is released it will be automatically added to the Facebook platform and you won't have to do anything. For example, remember when Facebook Questions, the official Facebook surveys were released not long ago? Those simply started appearing as an option, and were not something you had to "install".
2. If Facebook requires you to take any action it will be told to you by them, not by a friend posting a link. It will be published in your News Feed or as part of the actual interface by Facebook themselves.
3. Do you suspect that a page you liked or group you joined publishing in your news feed is simply posing as Facebook? Go to the Facebook Page or Group, scroll down underneath their "Likes" on the left hand side and see if there is a "Report this Page" link. If there is, it's a third party page or group and not officially by Facebook.
4. Before you click on a link, whether it says "Active Dislike Button" or "Help Fight!", hover over the link and see where it is going to take you to by looking at the address at the bottom of your screen. Does it point to something on facebook.com? If so, then it's most likely safe. If it points to a site you don't recognize, including a shortened url like bit.ly (which anybody can use), then chances are it's a scam. Still not sure? Send the friend a message first to make sure they sent it to you on purpose, and that it wasn't auto posted to your wall without their knowledge.
5. On the same note, always check your address bar. If you did click "Active Dislike Button", then you'll notice it brings you completely off Facebook. Facebook will never make you go off of their website to "install" a feature.
6. Be wary of anything that gives you instructions to paste some sort of script into your address bar. They can't get this script to load automatically, so instead they're bypassing it by trying to convince you to enter it manually. A legitimate application will never ask you to do this.
7. Be wary of "proof". Images can be altered to make it look like there's a "Dislike" button. Simple images or videos prove nothing unless Facebook themselves are releasing them.
8. If an application asks you for permission, as nearly all applications do, and you're suspicious of it, investigate the app further. On the permissions screen it will say:
"(Insert Application Name Here) is requesting permission to do the following:"
Click on the application name to check out the profile page for that application. Clicking on this does not give it permissions and will not harm your computer. You can see what other people are saying about the application, see how popular it is by looking at it's monthly users, see if it was developed by Facebook or an individual developer or even report or block the application.
With all that said, don't let this turn you away from all the amazing applications that are present on Facebook. Facebook is a wonderful platform with a lot of really fun games and very resourceful applications. There's a lot of hard working developers who legitimately work within Facebook's guidelines and use the permissions you grant them for nothing other than enhancing your experience using the application. The guidelines above are simply there to help you separate the good applications from the scams. Happy Facebooking!
Published by Laura Byrnes
I am currently a student working towards a Bachelor's Degree in Computer Sciences. View profile
- Facebook Users Dislike the Dislike Button Scam
- Did Facebook Add a Dislike Button?
- Guide to Avoiding Facebook Scams
- Staying Ahead of the Scams on Facebook
- Facebook Dislike Button Question of Interest Today
- 3 Reasons Why Facebook Won't Introduce a "Dislike" Button
- Facebook's "Like" Button: Another Way to Keep Tabs on Users & Target Ads?