Facebook is the biggest and best-known social network, which means with it comes plenty of scammers, fraudsters and others up to no good. Some of these are genuine threats, and they are why you need to take steps to adequately secure your account; others are just scams and hoaxes that do the rounds, often with no clear purpose for being. (Also see: Best Facebook tips & tricks.)

We'll outline some of these scams below, so you know what is and is not worth your time worrying about. We'll also show you how to protect your Facebook profile from those who are out to cause you harm.

Popular Facebook scams & hoaxes

All it takes is for one person to fall for a hoax on Facebook and they spread like wildfire through the social network. Many people when quizzed will say they knew it wasn't true, but they thought they had better share it just in case. Which makes no sense whatsoever.

Facebook scams usually focus on the idea that Facebook is either going to start charging users, or that Facebook's privacy options are changing. By copying and pasting a status you can somehow protect yourself from either having to pay a fee or losing the rights to any of your stuff saved on the network.

Exactly why people start spreading these scams isn't clear, but there is one thing we can guarantee: they are all absolute rubbish and you can safely ignore them. Certainly do not share them, which does nothing other than keep the rumour alive and allow people to falsely believe they are protected.

Strangers are following you

This is an odd hoax doing the rounds, and one we think comes from a misunderstanding rather than anything malicious.

Facebook allows users to follow people who they aren't friends with, yet all they can see is any information posted on their profile with the public setting. If you've taken the steps we outline later in this article, it's really not anything you need to worry about.

However, we've seen the following message appearing on Facebook: "Learned something that was rather disturbing tonight. Time to tighten up security on your Facebook profiles!! I just blocked about 20 foreign people from following my profile and I thought I was already locked down! If you go to Account Settings > Blocking > Block Users and type in "following me", without the quotes, you may possibly see a bunch of people following you that you don't know Block each one and confirm!"

If you follow those steps you will indeed find a list of people you don't know. As will everyone else who tries - in fact they will see the same list of people you do. They aren't really following you at all. In fact, there is something in their profile - be it a nickname or a liked page or whatever - that causes them to appear under this search.

Strangers are following me on Facebook

Facebook owns your information

Back in November 2012 when these hoax posts first began doing the rounds, the company stated: "There is a rumour circulating that Facebook is making a change related to ownership of users' information or the content they post to the site. This is false. Anyone who uses Facebook owns and controls the content and information they post, as stated in our terms. They control how that content and information is shared. That is our policy, and it always has been. Click here to learn more: facebook.com/policies."

It's important to note that any terms and conditions to which you are bound were explained when you signed up to Facebook. Facebook can't change the terms without telling you, and posting a status update won't protect you from those you've already agreed to - if you don't like its terms (the actual terms, not the rumoured ones) then deactivate your account and stop using the social network.

Don't accept a friend request from this known hacker

We've seen a few messages shared via Facebook Messenger warning users not to accept friend requests from known hackers or their account will be compromised and so will that of all their friends. It's nonsense, but it does do some good in reminding people that they shouldn't be accepting friend requests from people they don't know.

Here's the full text: "Please tell all the contacts in your messenger list not to accept Jayden K. Smith friendship request. He is a hacker and has the system connected to your Facebook account. If one of your contacts accepts it, you will also be hacked, so make sure that all your friends know it. Thanks. Forwarded as received. Hold your finger down on the message. At the bottom in the middle it will say forward. Hit that then click on the names of those in your list and it will send to them."

Facebook will start charging users

"Now it's official! It has been published in the media. Facebook has just released the entry price: £5.99 to keep the subscription of your status to be set to "private". If you paste this message on your page, it will be offered free (I said paste not share) if not tomorrow, all your posts can become public. Even the messages that have been deleted or the photos not allowed. After all, it does not cost anything for a simple copy and paste."

This particular rumour first appeared on Facebook in 2013, and went viral in September. We're still waiting for Facebook to start charging £5.99. We'll be waiting a long time for it to do so because, apart from anything else, it is not in the business of alienating its users.

There are some other variations on the theme doing the rounds as well, such as this one:

"It's official. Signed at 10:33. It's even passed on TV. Facebook will start charging this summer. If you copy this to your wall your icon will turn blue and your Facebook will be free for you. Please pass this message, if not your icon will be deleted. P.S. this is serious, the icon will turn blue. (Copy and Paste to your wall.)"

Facebook data is going public

"Oh Dear Some PEOPLE COULD BE IN TROUBLE Everything you've ever posted becomes public from tomorrow. Even messages that have been deleted or the photos not allowed. It costs nothing for a simple copy and paste, better safe than sorry. Channel 13 News talked about the change in Facebook's privacy policy. I do not give Facebook or any entities associated with Facebook permission to use my pictures, information, messages or posts, both past and future. With this statement, I give notice to Facebook it is strictly forbidden to disclose, copy, distribute, or take any other action against me based on this profile and/or its contents. The content of this profile is private and confidential information. The violation of privacy can be punished by law (UCC 1-308- 1 1 308-103 and the Rome Statute). NOTE: Facebook is now a public entity. All members must post a note like this. If you prefer, you can copy and paste this version. If you do not publish a statement at least once it will be tactically allowing the use of your photos, as well as the information contained in the profile status updates. DO NOT SHARE. Copy and paste to be on the safe side."

The idea that simply copying and pasting a message would protect you from such a change is frankly ridiculous, never mind the fact Facebook would be in seriously hot water if it decided to open up its users' private data for all to see.

Here's another:

As of January 4th, 2015 at 5pm Central standard time. I do NOT give Facebook, or any entities associated with Facebook, permission to use my pictures, information, or posts, both past and future. By this statement I give notice to Facebook that it is strictly forbidden to disclose, copy, distribute, or take any other action against me based on this profile is private and confidential information. The violation of privacy can be punished by law (UCC 1-308-11 308-103 and Rome statute). NOTE: Facebook is now a public entity. All members must post a note like this. If you prefer, you can copy and paste this version. If you do not publish this statement at least once it will be tactically allowing the use of your photos, as well as information contained in the profile status updates. DO NOT SHARE. You MUST copy and paste to make this your status. I will leave a comment so it will be easier to copy and paste!!!

And another:

"In response to the new Facebook guidelines I hereby declare that my copyright is attached to all of my personal details, illustrations, comics, paintings, professional photos and videos, etc (as a result of the Berner Convention). For commercial use of the above my written consent is needed at all times."

And another:

"The content of this profile is private and confidential information. The violation of privacy can be punished by law (UCC 1-308- 1 1 308-103 and the Rome Statute). NOTE: Facebook is now a public entity. All members must post a note like this. If you prefer, you can copy and paste this version. If you do not publish a statement at least once it will be tactically allowing the use of your photos, as well as the information contained in the profile status updates. DO NOT SHARE. Copy and paste."

Facebook Messenger scam

A new type of scam doing the rounds works slightly differently to previous scams, spreading itself via direct messages from hijacked accounts rather than the News Feed.

Once an account is hijacked, the scammer will send a message to everyone in their Friends list with a link to what appears to be an image saved in .svg format. They are then taken to a site that looks like but is not YouTube, and instructed to download a browser add-on in order to watch a video.

This browser add-on is in fact malware, and can steal sensitive information such as account details, passwords and even banking information. It will also spread itself further to all the friends on your own list.

Should you see such a message on Facebook Messenger, don't click on the link without confirmation from your friend that they intended to send it to you. If it wasn't them, inform them that their account has been compromised and that they must change their password in Settings, General, Password.

While they're at it they should also check the Recognised Devices and 'Where you're logged in' options in Settings, Security, removing anything they don't recognise here.

Using a mobile antivirus may also help you to avoid downloading malicious software.

How to secure Facebook from the real threats

Unfortunately, not everything is a scam or a hoax. Some of the threats on Facebook are genuine, and if you’re going to share intimate details of your life on Facebook, it’s important to consider who can see what you’re posting. Follow our tips to below to make sure your Facebook account is secure from threats of all shapes and forms.

Keep Facebook private

The best way to see what you’re publically sharing is to put yourself in the public’s shoes. Go to your profile page, tap the three dots icon on your cover photo and choose View as. By default you will see your Facebook profile as seen by a random member of the public with whom you’re not friends, but you can also click ‘View as specific person’ if there is a certain friend for whom you have limited your posts (see below). If you’re not happy with what you see, follow the tips below to secure your Facebook profile.

Facebook privacy

It’s also worth checking out Facebook Privacy Basics for a real beginner’s step-by-step guide to Facebook security. 

Don't accept all friend requests

If you don’t know them, don’t add them. Simple. It’s worth going through your friends list every so often and weeding out all the randoms - who knows how they got there.

Facebook security

Keep an eye on kids

Facebook has an age limit of 13 years, but it’s easy to get around and even 13-year-olds need protecting online. If you have a young child using Facebook, check that they know who they are talking to, that those people really are who they say they are, and that what they are saying is appropriate - cyberbullies, pedos and groomers are not something you want your child to experience.

Consider what you post

Have you ever read someone’s posts every day on Facebook but walked past them in the street and not even acknowledged them? If the answer to that question is not yes then you’re in the minority. Not everyone who views your profile is your friend, and not all can be trusted with your most intimate personal details. One that really bugs us is the airport check-in posts. We might well be jealous that you’re off to soak up the sun for a week, but we won’t be jealous when you return to find your home ransacked and your irreplaceable personal belongings gone.

Share posts privately

Ensure your profile is locked down so that only approved friends see what you share. To do so, open Facebook and click on the downward triangle at the top right corner of the page and choose Settings. Under the privacy tab you’ll find an option for who can see your future posts. Click Edit and choose Friends, or choose More Options to select a custom list. (Certainly do not choose Public, and you should choose Only Me only if you wish to be a loner. In which case Facebook might not be the best place for you.)

This is a global setting, but you can also specify who can see individual posts. Before you hit Post on a new status, click the drop-down to the left of the Post button and again choose Friends or select More Options to specify a custom list.

Facebook security

Secure old Facebook posts

That takes care of future posts, but what about those you shared before you became concerned about Facebook privacy? Still in Settings, Privacy, Who can see my stuff is an option to ‘Limit the audience for posts you’ve shared with friends of friends or public?’ Set this to ‘Limit Old Posts’.

Secure posts you're tagged in

Facebook is a social network, which means it’s not all about what you do but also what your friends do. And they can tag you in all sorts of stuff that will be visible to all on your profile and in the News feed - if you let them. Open Settings, Timeline and Tagging and carefully check each option here. You can control who can post on your timeline, who can see posts you’ve been tagged in and even set Facebook to gain your approval before the tag is applied.

Facebook security

Hide your phone number

Facebook mobile nags and nags until you add your phone number to the service, but you don’t necessarily want that information to be visible to all who view your profile. Open the drop-down for Who can look you up using the phone number you provided under Settings Privacy, Who can look me up. You can do the same for your email address above, and below you can specify whether your Facebook profile should be listed by search engines such as Google.

Facebook security

Block people

Having followed the above steps your Facebook profile will be reasonably secure from people not in your friends list. But it’s the ones you don’t get on with who could become an issue. To block a Facebook member from being able to see your profile, go to Settings, Blocking and add their name under Block users. Click Block to save the change.

If it’s a friend who you’ve decided is no longer a particularly good friend you want to block, go to their profile and tap the three dots icon on their cover photo. Choose Block.

Facebook privacy guide continues on the next page