Information technology is my assumption that most Facebook users don't look at their ain profile oftentimes. With your own profile, I mean the timeline that shows upward when you click your own name or avatar in the Facebook carte du jour.

profile menu

That's because we remember nosotros know exactly what is posted there, so why carp to await at it? After all, isn't that supposed to be all the stuff that we posted ourselves?

The feeling of disorientation you get when yous find something yous are certain you lot didn't postal service volition exist even worse if y'all discover that supposed letters take been sent from your Facebook Messenger account that you know you never sent. All in all, there might be some discrepancies between what y'all did and what actually shows upwardly and that's what this blog post is all near.

How exercise posts end upwardly on your timeline that you lot didn't post?

There are iii principal reasons that might exist of some business:

  1. Someone or something else has access to your Facebook business relationship
  2. A Facebook app has the authorization to mail service on your timeline
  3. An active script or browser extension tin can mail service on your behalf

In all these cases, there is no firsthand reason to worry as long as you lot know almost information technology and trust the person, app, script, or extension that has access or authorization.

Authorized apps

We have seen it the past and I bet there are still agile apps being spread among Facebook users by pretending to be spectacular videos. You may remember the "Human establish inside Shark" and similar sensational posts, which try to play a joke on yous into downloading malware or installing a malicious app.

To check whether an app has the ability to post on your timeline, click on Settings:

Facebook settings

On the left-hand side, click on Apps and select whatever app that doesn't look familiar or trustworthy. Y'all tin can see whether they can post on your timeline past looking at their permissions. If they have the authorization to mail on your timeline, it will look like this:

post permission

Delete apps you don't trust or no longer use past clicking on the Ten that shows up when you hover over an app with your mouse pointer in the Apps menu.

remove app

Scripts posting on your behalf

It is possible there is an active script (or programme) that uses your credentials when you take Facebook opened in your browser. The script does not demand to log in, but only makes use of the fact that yous already did log in. It doesn't matter whether yous did that actively or whether yous relied on a cookie set up in an earlier session.

These scripts tin can exist hiding in your browser cache or in the shortcut that you employ to open up Facebook. You can observe localized and browser-specific help on clearing your cache on this Facebook Help page for several browsers. Yous tin can circumvent using your shortcuts if you doubtable they accept been contradistinct past typing facebook.com in your browsers address bar. Once you are certain the shortcuts take been altered, you can find methods on how to make clean your browser shortcuts on our forums.

Browser extensions could be responsible for this similar behavior. They can be removed following these procedures:

  • Cyberspace Explorer: Tools (gear icon) > Manage add-ons > Toolbars and Extensions > Select the one(due south) you don't trust one by one and click "Disable"
  • Firefox: Card (horizontal stripes) > Add together-ons > click on "Disable" behind the ones you don't trust or don't think installing.
  • Chrome: Menu (three dots) > More than Tools > Extensions > Uncheck "Enabled" behind the ones you lot don't trust or don't recall installing.
  • Opera: click the Opera icon > Extensions > Extension Manager > click on Disable below the ones you don't trust or don't call back installing.

Stolen credentials

I'k posting about this every bit the last selection for a reason as the communication that we will give you here does not simply apply to the cases where yous know that someone or something you lot didn't authorize posted on your behalf. If yous have experienced or suspected that something or someone has been posting without your noesis, or one of the other options (scripts, rogue apps), we recommend that y'all change your password and enable 2FA, if you haven't already. Even if yous have no idea who might have been responsible, nosotros recommend you lock them out earlier they abuse their admission to your account even further. Nosotros also recommend doing this even if you establish out which app or other method was used, and fifty-fifty if you successfully removed the culprit, proceed in heed that the aforementioned app or script might have harvested your login credentials and sent them to the threat actors.

2fa logo

Summary

What to do when you find posts in your proper noun on Facebook which you did not postal service:

  1. Try to find out if there is a suspicious or unsolicited Facebook app active on your list that has posting authorization.
  2. Clear the cache of the browser that yous use to access Facebook and the shortcuts you use to open Facebook.
  3. Change your password and consider enabling 2FA.

Other articles that might involvement you:

  • Facebook and privacy
  • Understanding the nuts of two-factor authentication
  • Facebook Messenger Spam Spreading Malicious Chrome Extensions

Pieter Arntz