In recent months, an increasing number of companies and organizations have been asking prospective employees not only for their Facebook usernames, but also for their passwords. What started as a seemingly isolated incident in North Carolina last year turned out to be a lot more common than we thought. Last Friday, Facebook addressed the situation for the first time, and the company has this to say: You have the right not to give employers your passwords if and when they ask.

In an update on the website, company Chief Privacy Officer Erin Egan talked about how alarming the practice is, and how it compromises the privacy of everyone on your friend list, along with your own. According to Egan: “It is important that everyone on Facebook understands they have a right to keep their password to themselves.” In fact, if you take a look at Facebook’s Statement of Rights and Responsibilities, it’s a violation to share your password with anyone else. 

Meanwhile, Senator Richard Blumenthal (D-CT) is currently writing a bill to prohibit any employer from ever practicing the unspeakable policy. The Senator told the website Politico that he is deeply troubled by this tactic, and that his bill would be ready very soon.

Facebook: You Have the Right Not to Give Employers Your Passwords The Saturday Evening Post

Photo by Thomas Euler.

As Facebook continues to take the world by storm, many scammers are also spending countless hours lurking around the network — and they’re not looking for their friends from college. Instead, there are nefarious types who are more than happy to use Mark Zuckerberg’s creation to their own ends: making money, stealing personal information, gaining access to bank accounts, and generally making a nuisance of themselves.

Fortunately, there are some simple ways to keep the bad guys from getting hold of your information, time, and hard-earned cash. All you need is a little common sense and a little less haste when it comes to clicking links.

1. Ignore anybody asking you for money.

Unless it’s your little sister and she’d like you to spring a $50 so she can buy gas, most people asking you for money on Facebook are up to something.

The most common form of digital panhandling is advance fee fraud, also known as the 419 scam. It’s a variation on the scam from everybody’s favorite African royalty, the Nigerian prince. This time around, rather than spending money to receive your share of someone’s father’s inheritance, you’re asked to transfer cash to help a friend in danger.

If a chat window ever pops up from a friend claiming, “Help! I’ve been mugged in London!” (or Sydney, or Madrid, or Kansas), you should close it again — and contact your friend via another means to let them know their account has been hacked.

Similarly, keep an eye out for charity scammers, particularly around times of natural disasters or national holidays like Christmas or Thanksgiving. To ensure your money gets where you want it to go, do not donate money to any organization that you do not completely trust. You’re much better off going directly to the charity’s website and using one of the listed payment options.

2. If it sounds too good to be true… guess what?

Has a friend of yours “won a new iPad 2 OMG”? Could you win one too, if you just go to a certain website and hand over a bunch of personal details? Chances are, probably not. Look at the person’s post carefully, and you’ll see a few telltale signs that all is not what it seems.

Are there spelling errors from a person with typically impeccable grammar? Are they the sort of person who would enter a competition for, win, or crow about a new piece of technology? How does the “via” indicate the post was sent? Particularly if it’s been sent from an app you don’t recognize, you should delete the post and let your friend know their account has been compromised.

3. Look before you log (in).

Photo by Johan Larsson.

Phishers are very good at making their fake websites look very similar to the real thing, in the hope that they can steal your username, password, and other personal details.

If you receive an email that looks like a Facebook notification, check the link that it takes you to. If it’s anything other than http://www.facebook.com, do not enter your login details. Simply close the window and take no further action.

4. Resist temptation.

If a private message pops up or a friend posts on your wall that you “won’t believe” what’s being written about you on a blog, take a deep breath and do not click the link. Delete the post and (you guessed it!) let them know that they’ve been hacked. These links, just like the ones about the video you just have to see or the photos of the girl at the party, are all ways of preying on human nature — you can’t help but want to know what’s behind the curtain.

We’ll spoil it for you: There’s probably nothing there. Perhaps a pile of advertising, perhaps a lengthy survey (and a pile of advertising), perhaps a form for you to enter all sorts of personal details (with a pile of advertising on the side). There’s definitely no scandalous blog, no terrifying photographs, and no information on who’s been looking at your profile. Sorry.

5. Use your common sense.

If a friend’s Facebook post seems not quite right, don’t follow the link. Instead, send them a quick message (or contact them using another method) to let them know their account may have been compromised.

The weakest link

Of course, sometimes you’ll slip up. Curiosity may get the better of you, and before you know it, you’ve installed an app that’s posting bizarre messages all over your friends’ Timelines.

Don’t worry, you can still recover from this. Head to Account > Privacy Settings > “Edit your settings” (under Apps and Websites) > Edit Settings (under “Apps you use”), and then click the X next to any apps you want to delete. Take a few moments to go through this list while you’re there, and remove any apps you do not still use or those that you didn’t mean to add in the first place.

Then delete any posts that the app has made in your name; they should be listed on your Timeline, too. If you want, you can make a post on your Timeline about what’s happened, but there’s no need to send everybody a private message.

Finally, change your Facebook account password — and next time, be more careful.

5 Tips to Avoid Facebook Fraud The Saturday Evening Post