How those Facebook “who viewed my profile” Apps Works to steal your data ? Where is the proof that these “who viewed my profile” Apps are fully fake and scams ? How those Facebook “who viewed my profile” Apps Works is by the way a bad fraud human show various tricks to rip you out.
How those Facebook “who viewed my profile” Apps Works : Unless Your Secure Yourself You are Unsafe !
When the question how those Facebook “who viewed my profile” apps works, you must read Security Tips Facebook Never Told You. Because Facebook has told us, no one can view how often our profile is being viewed :
1 | http://goo.gl/FVDJf |
But that nice looking image file is being generated with “REAL DATA”, then ?
How those Facebook “who viewed my profile” Apps Works
Most are scam and usually contains Windows OS specific malwares or spy wares. Facebook never gives their analytics to anyone. When we login, FB’s own algorithm shows the likelihood ratio to show the list of 9 friends. Except we login it is not possible to see it by the others, except – any application is allowed the access the profile. When we accept such app, they can read the 9 friend’s facebook IDs. But they actually never gets the number of visits. We can programatically fetch the info :
http://graph.facebook.com/
Example for profile – http://graph.facebook.com/doctorabhishek
Example For Page – http://graph.facebook.com/thecustomizewindows
Example error – http://graph.facebook.com/Abhishek-Ghosh-Community
We actually wrote the usage of this method for a good reason. As Facebook was developed for an University’s campus usage not like a script like the dating websites, it by default shows the person who visits the profile of more closer age*. This is actually pulled from one Ajax call in PHP snippet, I am not giving the reference, you can find yourself easily.
Definitely you can use this ID to open my public page :
---
https://www.facebook.com/100000439872869 it will give a 302 redirection to https://www.facebook.com/doctorabhishek
Now when this ID is known, Image can easily be fetched :
https://m.ak.fbcdn.net/profile.ak/hprofile-ak-ash3/157623_1180870981_660906167_q.jpg
from the absolute path on fronted :
/profile.ak/hprofile-ak-ash3/157623_1180870981_660906167_q.jpg
(Note the profile ID)
*Explanation – If Corrine Aunt in above example visits my profile more than my a batch mate, the likely hood is, that batch mate’s image will show in that Friends box. There are various other factors like less conversion ratio (visited but not shared or gave like).
Another PHP script can ‘stitch’ these images to one real looking image output by these “who viewed my profile” App. The number of visits are possibly fake or snipped from another data.
This is why should not allow whatever app it is to sniff our profiles. Actually we can force refresh it by adding ?fref=st after our full url :
https://www.facebook.com/doctorabhishek?fref=st
By default we view :
https://www.facebook.com/doctorabhishek?ref=tn_tnmn
There are many such scams –
http://facecrooks.com/Scam-Watch/top-ten-facebook-scams-to-avoid.html
We explained the first one of their list. These apps has the potentiality to do a session hijacking.
