It's a Scam!
Okay, so apparently two of my friends have sent me a link advertising some application that claims to send you a Facebook notification visits your profile. Initially, I thought, “Oh! That sounds interesting!” So I clicked through to the Facebook group with directions.
It’s a scam. And an excuse to post a blog post.
Disclaimer: The two groups I was invited to were different, and so some things were worded differently. If I mention some things that are not mentioned by one of the groups (not linked here because that would simply be mean), it’s probably mentioned by the other, or paraphrased.
Upon arriving on the group page, I was greeted by the words “HOW TO GET:”. It made me flinch because of the disregard for English grammar. Colons are always preceded by an independent clause, and “HOW TO GET” (in all caps) can’t even stand on its own without the colon. This, of course, is excusable because this is the Internet and even I find some uses for all caps at times.
The first step was joining the group. Everyone knows that joining a group achieves nothing but adding a little more to the giant mass of group names in their Facebook profiles, but who cares because it’s what the directions say, right?
Oh, right, the second step requires me to click the share button to spam all my friends about the group. Okay, no wonder step one was there. But wait!
================================
Step 2: On the bottom left of this page there is a little button that says “Share”. Click it, and hit “Share+” when it pops up. Doing this will help the dislike button get out to your friends.
================================================================
Step 3: After Step 2, Click the ‘Invite People to Join’ link on the left hand side of the page. (Required because this is a big part of what makes the dislike button work!)
================================
Okay, so… erm… what? Dislike button? I thought we were trying to find out when someone visits my profile!
It’s one thing that your readers might not read your directions, it’s entirely another that you don’t even read your own content before you put it online. (Yes, that was my first ever italic and bold on this blog. I know, thank you.)
Alright, whatever, let’s say you do it anyway, reasoning that the developer was probably too busy coding a brilliant app to proofread the directions. You move onto the next step. Oh, look, it wants you to paste javascript:elms=document.getElementById('friends').getElementsByTagName('li');for(var fid in elms){if(typeof elms[fid] === 'object'){fs.click(elms[fid]);}} into your address bar. (Go ahead and try that here, I bet you it won’t do anything.)
I stared at this snippet of code for a few moments. Here it is again, separated into pieces for easier reading.
elms = document.getElementById('friends').getElementsByTagName('li');
for(var fid in elms){
if(typeof elms[fid] === 'object'){
fs.click(elms[fid]);
}
}
What does it do, you ask? In English…
Make a list of all the friends in the friends window and call it "elms"
For every friend in elms...
If it's click-able..
Click it.
End If.
Go on to the next friend.
As we all know, clicking on a friend in the invite friends window selects him or her to be invited. So basically, all the snippet of code does is tell your browser to click on everything in the window.
If you do NOT complete this step, our application is programmed not to work for you. No cheating!
This statement is a blatant lie. Did you see anything saying “Tell so and so that we’ve run this bit of code” in the translated English version I typed up there? Neither did I.
Alright then! The final step! This is where the two groups differed… or they seemed to. One of the links was a tinyurl, and the other was a bit.ly. (Speaking of which, I like bitly more than tinyurl, and I promise I’ll never, ever try to scam any of you with a bitly link ever. ^.– Wondering if I really sent the link? Add a plus sign to the end of the link like so–http://bit.ly/6PCdSG+) The tinyurl routed me to a discomfortingly obscure page, http://www.tomoh.000a.biz/pvn1.html. It wanted my email. A inexperienced user would think that this was merely used to verify that he has a Facebook account… and so type in their real email. Therefore, I reasoned that it must be an attempt to get a user to willingly give up their real email. I typed lalala into the form and submitted.
Hurray for Incognito Mode!
It brought me to the second page, not even complaining that lalala looks nothing like an email address. (All email addresses tend to at least have a @, followed by some characters, followed by a ., followed by some letters.
The bit.ly link brought me to a blog post that then linked me to a less obscure and more modern URL, http://shadyhabit.com/get-it-now/. Even though the URL was less obscure, there was something that still told me that the webpage was a bit shady and should not be trusted.
Noes.
Being a bit concerned for my safety, I decided to look at the source of the page. I realized I could make the dark overlay mysteriously vanish by adding a display: none CSS attribute! As soon as I did it, however, a mean dialog popped up and refreshed my page. So I guess I couldn’t. I tried out the first of the offers, Take the IQ Challenge.
My first thought? “This looks familiar.”
Summary terms: This is an auto renewing subscription service that will continue until canceled anytime by texting STOP to short code 40684. Available to users over 18 for $9.99 per month charged on your wireless account or deducted from your prepaid balance for 3 alerts per week on T-Mobile, Verizon Wireless, Virgin Mobile USA, Cellular One, Cincinnati Bell, Centennial Wireless, and Unicel (5 alerts per week). US Cellular 5 alerts/wk. For $4.99 per month for 2 alerts per week on Cricket… By signing up for this service and entering your personal PIN Code delivered to the cell phone number supplied by you on this website, you acknowledge that you are agreeing to thee full Terms of Use.
So what? I do a little quiz, and get subscribed for something giving me ringtones and similar junk for the low price of $9.99? Fun! And all this to get notifications whenever someone visits? “Moar” fun! I closed my window, never to return. 
But let’s think rationally now… do we even need this? How many people visit your profile page every day? Well… how often do you visit other people’s profile pages? Okay, fine, maybe more than me. Alright.
How many times have you logged into Facebook and gone “Aww, 32 notifications.” Yup, that feeling. Now imagine 10 people going to your profile every hour. “Aww, 272 notifications.”
If you really want to be able to be notified whenever someone visits your page, let me know and I’ll see what I can do to make you an app that can do that for you in a non intrusive way–that doesn’t make you go to shady websites.
And the best part? Facebook is deprecating notifications. Err, what, you ask? That means they’re going to remove the feature from applications within the next month.
Have fun everyone! 
[...] al grupo, y vuelva a esta página por mayor información. {Nota de Segu-info: Según el análisis técnico (en inglés), realizado en Demonic Angelicism con estos grupos se termina engañando al usuario a [...]
hell i would love to see who visits my profile i do look at others allot and i have mad people look at mine but i dunno who does and when they do you know how handy that can be could be very handy lol i like how you where able to track it all down and figure it was a scam love to have the app if you can link me with a link to the app or even send it to me or something lol
thanks allot for your time
Please please can we get that applicaion?! Im always on other people’s profile’s, and I want to see who visits mine. Thanks for all your time.
well personally, we should have an app for that, because we will never know who views ours. i mean who wouldn;t like to know..(:
I know of someone who is tracking people, but I don’t know how they do it. If you have or can make an app like that, please e-mail me, I’m very interested. Thanks.