If you've sent Facebook friends a link to something out on the wilds of the World Wide Web, the social network knows and they're telling others about it.

A video published online this week by a poster on Hacker News reveals that Facebook scans private messages and registers links in them as "likes." That means if you've ever privately sent your friends a link to something you'd rather not publicize, well, too bad.

The "likes" problem could better be described as an exploit of Facebook's code that can be used to fraudulently inflate the number of "likes" an external page gets.

For instance, if a company wanted a product to appear popular, they could set up dozens of fake Facebook accounts and begin trading messages back and forth, adding "likes" just as fast as they can click "send" -- up to 1,800 an hour, according to the anonymous person behind the video.

"[It] won't drive any traffic to your website," a commenter on Hacker News noted. "But if your visiting an online store and you see a lot of likes under the product then this might cloud your judgement."

For a publicly-traded company, the potential for "like" fraud is a serious threat to their credibility -- perhaps even moreso than the obvious concerns over collecting metrics data from ostensibly private communications.

Facebook didn't commented on the exploit, but Raw Story's own tests showed that the "likes" were no longer appearing on public-facing profiles. The "likes" were instead only visible in Facebook Insights for domain owners.

Facebook founder Mark Zuckerberg said Thursday that the social network has over 1 billion monthly active users, making the site by far the largest of its kind in the world.

This video was published to YouTube on October 3, 2012.


Original photography by Flickr user kedai-lelaki, creative commons licensed. Composite by Stephen C. Webster.

(H/T: The Wall St. Journal)