Bikini-clad women and photo tags aid Facebook scammers

If you’re a Facebook user, please repeat after me:

Facebook doesn't let you track who is viewing your profile.

Third-party Facebook apps aren't allowed to do it either, and if they claim to offer the ability they are banned from Facebook.

Don’t believe me? Here is the official word on the issue from Facebook itself:

Sign up to our free newsletter.
Security news, advice, and tips.

Facebook statement

And yet, we continue to see scams spread far and wide across Facebook claiming to offer the functionality.

See this example, for instance, which tags a photograph of a woman sunbathing in her bikini with the names of Facebook users.

Bikini-wearing woman profile view Facebook scam

Because the photograph has been tagged with the names of Facebook users, they will see it appear in their newsfeed and will – no doubt – be curious to find out more.

Profile view scam

A comment on the photograph claims to point to a way for Facebook users to see who has been viewing their profile. The girl in the bikini was being used as tempting bait, just to bring traffic towards that link.

(You’re probably thinking by now – wouldn’t it be nice if Facebook gave its users the ability to opt-out of all photo tagging? Of choosing to never want to be tagged in a photo without their permission? And yes, it would be a very good idea – but Facebook seems less than keen to implement it).

If you’re foolhardy enough to click on the link, you are taken through the process of adding a third party application – handing it the keys, effectively, to your profile and authorising it to post messages, photos and notes to your Facebook wall.

Rogue Facebook application

Of course, if you give it such permission it will simply perpetuate the scam – spreading it onto your friends using your and their names.

The purpose of all this subterfuge? To trick you into taking an online survey – which earns commission for the scammers.

Survey Scam

Remember – you should always think twice (and maybe three times!) before allowing an application to access your Facebook profile, as there are many rogue apps designed purely to make money for the scammers and spread their viral schemes to as many users as possible.

Photo tagging pictures of women wearing bikinis isn’t the only way that the scammers bring traffic to their campaigns, of course. They still find old faithfuls, such as viral status messages, an effective means to spread enticing news of a way to view who has been viewing your profile.

Here’s just such a scam spreading on Facebook as I write:


WOW l cant believe that u can see who ls viewing your profile! l just checked my TOP profile visitors and l am SHOCKED at who ls still checking my profile! You can also see WHO VIEWED YOUR PROFILE here: [LINK]

Make sure that you stay informed about the latest scams spreading fast across Facebook and other internet attacks. Join the Sophos Facebook page, where more than 100,000 people regularly share information on threats and discuss the latest security news.

You could also do a lot worse than check out our best practices for better privacy and security on Facebook guide.

Hat-tip: Thanks to reader Heidi for first alerting us to the bikini photo-tagging scam by sending us a tip

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.