What happens when a Facebook account posts and sends spam messages without the account owner’s knowledge, and how can you identify and fix the problem? It has undoubtedly happened to you before, and lately it happens more frequently: you are registered on Facebook, and suddenly a friend of yours sends you spam messages. The messages contain references to unsuitable sites, dating sites, commercial offers, easy earning opportunities, etc.
These communications arrive from contacts on Facebook as private messages or on Messenger. Messages can also appear in your Facebook feed, which is the page that hosts status updates, photos, videos, links, app activity, and “Likes” from people, Pages, and groups you follow on the social network.
Let’s take as an example this emblematic post that circulated at least until the end of summer 2022. As we can see, a contact among your Facebook friends seems to have shared an article explaining how to make money with an “invention”. The post exploits popularity to spread false information and get as many victims as possible to bite.
In this case, the authors of the spam campaign on Facebook are promoting a scam related to the world of cryptocurrencies. What may leave you stunned is that the message seems to have been posted by a friend, it is written in Italian, and there are comments with the testimony (also false) of the experience with the (fake) service being presented. Often the post earns additional comments and likes.
Furthermore, to spread the content among Facebook contacts as widely as possible, friends and acquaintances are “tagged” (in the example in the figure, the message “is with … and 81 others” is visible). Alternatively, spam messages can arrive via Messenger (we have seen how to use Facebook with Messenger using a single app) or in private messages.
The following is an example in English. “Suspicious” messages like the one we propose below may also start appearing on the Facebook wall of your contacts. In all cases, the user who receives the message is invited to visit a web page external to Facebook and perform a series of operations that will endanger their account and the integrity and confidentiality of their data.
How Unwanted Messages Are Sent On Facebook
Why did your Facebook account or that of your friends start sending spam messages left and right? How to avoid this phenomenon? Sending unwanted messages via Facebook can occur as a result of various situations:
- Installing and activating Facebook apps and games. Facebook allows developers to build add-ons that integrate with user accounts. A user who installs Facebook apps and games can authorize the add-on, at its request, to publish posts on their wall or in groups, send messages, change the profile picture and cover image, and much more.
- If your device is infected. An attacker who gets the user to install a malicious component on their device can steal Facebook login credentials: we have seen how easy it is to find the passwords saved on the user’s system and extract them from any Web browser. The malicious component running on the system can also steal the Facebook authentication cookie. In this way, the remote attacker can operate on Facebook, assuming the identity of another user without even knowing the username and password. The theft of the authentication cookie is a widespread practice, for example, to access the accounts of users who have activated two-factor authentication on Facebook. Authentication credentials and Facebook cookies are transferred to remote servers so attackers can use them and initiate identity theft on the social network. The problem affects not only PCs but also mobile devices: as we have seen in the case of GodFather and other Android apps containing malicious components, assigning special permissions can lead to the theft of any data, including Facebook credentials and cookies.
- If the browser uses malicious extensions, cybercriminals can behave exactly as in the previous point. When using any web browser, it is essential to check the extensions installed and avoid loading and activating all those add-ons made by unknown or potentially unreliable developers. In the case of Chrome on PC, it is advisable to periodically type chrome://extensions in the address bar and remove the extensions that are not used.
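The periodic extension review recommended above can be partly automated. The following is an added example, not part of the original article: it reads each extension's `manifest.json` from a Chrome profile's `Extensions` folder and reports add-ons whose declared permissions could reach a Facebook session. The list of permissions treated as risky and the function names are assumptions made for this example.

```python
import json
import sys
from pathlib import Path

# Assumed selection for this example (not an official list): permissions that
# let an extension read pages or cookies on any site, facebook.com included.
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}
SENSITIVE_APIS = {"cookies", "webRequest", "scripting", "debugger"}


def risky_permissions(manifest):
    """Return the declared permissions that could expose a Facebook session."""
    declared = []
    for key in ("permissions", "host_permissions", "optional_permissions",
                "optional_host_permissions"):
        declared += [p for p in manifest.get(key, []) if isinstance(p, str)]
    for script in manifest.get("content_scripts", []):  # injected page scripts
        declared += script.get("matches", [])
    return sorted({p for p in declared
                   if p in BROAD_HOSTS or p in SENSITIVE_APIS or "facebook.com" in p})


def audit_extensions(extensions_dir):
    """Scan <extensions_dir>/<id>/<version>/manifest.json and list risky add-ons."""
    findings = []
    for path in sorted(Path(extensions_dir).glob("*/*/manifest.json")):
        try:
            manifest = json.loads(path.read_text(encoding="utf-8-sig"))
            risky = risky_permissions(manifest)
        except (OSError, ValueError, AttributeError, TypeError):
            continue  # unreadable or malformed manifest: skip it
        if risky:
            findings.append({"id": path.parent.parent.name,
                             "name": manifest.get("name", "?"),
                             "version": manifest.get("version", "?"),
                             "risky": risky})
    return findings


if __name__ == "__main__":
    if len(sys.argv) > 1:  # path to the profile's Extensions folder
        for f in audit_extensions(sys.argv[1]):
            print(f"{f['id']}  {f['name']} {f['version']}: {', '.join(f['risky'])}")
    else:  # constructed manifest, so the script also runs without a profile
        sample = {"name": "Constructed sample", "permissions": ["cookies", "storage"],
                  "host_permissions": ["*://*.facebook.com/*"]}
        print(risky_permissions(sample))
```

A finding is a prompt to review the extension, not proof that it is malicious; many legitimate add-ons request broad access. Names shown as `__MSG_…__` are localisation placeholders taken from the manifest.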
It has often happened that a legitimate extension later became dangerous.
By pasting the destination URL from a message received from other Facebook users into ScamDoc, you immediately receive an indication of the “goodness” of the domain and of the activities carried out through it.
If the domain is used for spam activity, if it has been recently registered and has a reduced life expectancy, if its pages are HTTPS, if the WHOIS data of the domain owner is obscured, and if other elements are suspicious, then ScamDoc shows a very poor rating (a percentage below 10%). To read the target domain name of a Facebook link, you can right-click on it, copy the URL, paste it into the URL Decoder page and click on Decode.
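The decoding step described above can also be done locally, without pasting the link into a third-party page. The following is an added example, not part of the original article: it unwraps a copied Facebook link and returns the real destination and its domain, ready to be checked on a reputation service. The redirector host names, the `/l.php?u=` link format and the function names are assumptions of this example, and the sample link is constructed.

```python
from urllib.parse import parse_qs, unquote, urlsplit

# Hosts of Facebook's outbound-link redirector. Assumed for this example;
# the page itself does not name them.
REDIRECTOR_HOSTS = {"l.facebook.com", "lm.facebook.com"}


def unwrap(value, max_rounds=3):
    """Percent-decode until the value parses as a URL with a host.

    Stops as soon as a host is visible, so encoded characters inside the
    target's own path or query are left untouched.
    """
    for _ in range(max_rounds):
        if urlsplit(value).netloc:
            break
        value = unquote(value)
    return value


def link_target(link):
    """Return (target_url, domain) for a link copied from a post or message."""
    parts = urlsplit(link.strip())
    if (parts.hostname or "").lower() in REDIRECTOR_HOSTS and parts.path == "/l.php":
        wrapped = parse_qs(parts.query).get("u")
        if not wrapped:
            raise ValueError("redirector link has no 'u' parameter")
        link = wrapped[0]  # parse_qs has already decoded one layer
    target = unwrap(link.strip())
    domain = urlsplit(target).hostname
    if not domain:
        raise ValueError("no domain found in link")
    return target, domain


if __name__ == "__main__":
    # Constructed sample link; the .example domain and the h value are made up.
    sample = ("https://l.facebook.com/l.php"
              "?u=https%3A%2F%2Fcrypto-invention.example%2Foffer%3Fid%3D7&h=AT0constructed")
    print(link_target(sample))
```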
How To Stop Sending Spam Messages On Facebook
To stop spam messages from being sent via Facebook, you can act with a multilevel strategy. First, check the Facebook access history to verify whether unauthorized users possess the access credentials. If you only find references to your devices and the geographic area you’re in, then it’s likely that no attacker has that data.
By clicking on the dots to the right of each access, it is possible to select Exit to disconnect the third-party device. The next step is to check the contents of the Apps and Websites page: from here, it is essential to remove all the apps and games linked to your account that could use more or less “delicate” permissions.
Like browser extensions, Facebook apps may also “shed their skin” over time. As soon as they gain a sufficient user base, these add-ons for the social network may start conducting opaque activities and sending messages to contacts without the user being aware of it. It is also advisable to carry out a complete scan of your devices using one of the best antivirus products.
Regardless of which security solution you choose, Malwarebytes can be used as a “second opinion” on both PCs and mobile devices. It is a product that does not conflict with any other antivirus package and can be used on its own in Windows alongside Microsoft Defender. On Android devices, it can report malicious apps and draw the user’s attention to those that require too broad permissions.