I fell for it. When a tech-savvy and trustworthy friend posted a link on his Facebook wall, I clicked through without thinking of the consequences. The lure of Jersey Shore fails was too much and I clicked. Before I knew it, the app had installed itself on my profile, posted itself on my wall and had been sent to all my friends with a message asking contacts “do you kno about mtvs jersey shore.” Very embarrassing.
Quickly, I removed the posts and marked them as spam, alerted the friend where the malware originated, removed permissions for the app in Privacy Settings > Apps, Games and Websites, posted warnings on my wall and changed my Facebook password. The password change was a precaution resulting from my paranoia. I knew I wasn’t phished, but I wanted to make sure I was in the clear.
I worked as fast as I could to limit my contacts following the links I sent out, but is that enough? There were still booby trapped links waiting in email inboxes from the Facebook messages, what was my responsibility to those friends?
While it could be awkward, I think the best way to stop spam applications spreading is full disclosure.
Owning up to my Jersey Shore curiosity and warning those I could have potentially infected would be for the best. Luckily, I had previously exported all of my friend’s contact details from Facebook through a life hack. I sent the list an email, warning them not to click on any links I had previously sent and apologising for the security let-down.
In any online security issue, the human element is often the most likely vulnerability. Owning up to errors, no matter how awkward or embarrassing, is one way to limit the risk from those human screw-ups.
And the friend who I originally caught the malware from, offered to buy me a beer. Happy ending.