This Flaw In Facebook Lets You Create As Many Fake Likes As You Want

Business Insider

Yesterday we told you that Facebook quietly scans your messages, searching for URLs that you've sent to your friends. When it sees one, it increases the number of Facebook Likes on that URL.

The business media — Wall Street Journal, Forbes, and Gizmodo — have portrayed this as a privacy invasion.

But perhaps more importantly, it appears to be a massive source of bogus Likes. Put simply, by using your own Facebook messages you can drive up the apparent number of likes any non-Facebook page gets, even if the messages you send don't indicate that you actually like the page.

This is important for two reasons:

  • Facebook has been repeatedly sued by advertisers claiming their pages have seen too much click fraud. (There's a proposed class action case pending in a California federal appeals court, for instance). While click fraud is NOT the same thing as fake likes, plaintiffs' lawyers are clearly interested in any information that might indicate that Facebook generates the appearance of something being clicked on when in fact it has not.
  • Facebook recently purged hundreds of thousands of fake fans and likes from its system; an admission that the social network is riddled with bogus accounts.

Naturally, we tried to generate some fake clicks for ourselves, just to see how it works.

Here's our guide on how to do that.

First, we selected a Business Insider page that wasn't getting much traffic, so that we could see our own visits to the page in isolation from BI's general traffic. The page we chose was this Q&A with Edelman CEO Richard Edelman.

Then I took a snapshot of the page BEFORE I manipulated it through Facebook.

Note that in the social sharing buttons at the top of the story, the page had been viewed 225 times and "recommended" on Facebook just five times:

Then I sent a colleague, Christina Austin, a Facebook message that clearly indicated I had negative feelings about this story:

(For the record: I obviously DO NOT think that Richard Edelman sucks! This is just an experiment. Many companies monitor words like "sucks" next to their brand names in order to gauge negative consumer sentiment. Use of the word "sucks" is one of the easiest ways to alter any algorithm that is attempting to detect user sentiment.)

After Christina looked at the message, I refreshed my view of the Edelman page and — lo and behold! — the view counter had gone up by one, to 226, as expected, but the Facebook share button had increased by two, to seven recommendations:

To someone who knows nothing about Facebook's messaging system — which is to say, virtually everyone — it appears as if a single page visit triggered two Facebook likes on the page.

A Facebook spokesperson tells us:

This counter reflects the number of times people have clicked those buttons and also the number of times people have shared that page's link on Facebook.

We did recently find a bug with our social plugins where at times the count for the Share or Like goes up by two, and we are working on a fix to solve the issue now. To be clear, this only affects social plugins off of Facebook and is not related to Facebook Page likes.

In sum, Facebook is dishing out recommendations and likes all over the web, to the millions of pages that are now sown with Facebook sharing buttons, when nobody has actually clicked or recommended those pages.

Worse, those likes may actually reflect negative consumer sentiment.

And even though Facebook is going to fix the double-like bug, it's not going to alter its message-liking system.

Related:



More From Business Insider
View Comments (1)

Recommended for You