The Latest in IT Security

Giant snakes eating zookeepers and unwatchable videos – Facebook hit again by clickjacking scams

13 Jun 2012

Facebook users are once again suffering from an onslaught of clickjacking survey scams, designed to fool them into unwittingly saying they “Like” a link to drive web traffic that simply fills the pockets of scammers.

Here’s just one example we have seen in the last hour:

Facebook scam

97% of ALL People Can NOT Watch THIS VIDEO For More Than 25 Seconds!
[LINK]

Can YOU?! Watch the video and see how long you can last! Good Luck!

You can imagine why some Facebook users might be tempted to click on the link, but the truth of the matter is that the poster did not knowingly share the link with his Facebook friends. Instead, he was tricked into saying he “Like”d the link through clickjacking.

If you were tempted to click on the link you would be taken to a page which appears ready to play a video.


The webpage looks like it’s part of Facebook, and most people wouldn’t hesitate to press the “Play” button on the video. But the reality is that the play button secretly hides some additional code.

The Mac computer I tested the scam on was running Sophos’s free Mac anti-virus, which was smart enough to alert me to the danger posed by the button:

Facebook scam

However, if you hadn’t properly protected your computer you might find that you are being clickjacked into invisibly saying you “Like” the link on Facebook without realising.
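As an added illustration (not code from the article or from Sophos), here is a small heuristic a defender could run over a page's HTML to flag a Facebook Like frame that has been made transparent. It assumes the hidden code is a see-through iframe of the Like plugin, a common clickjacking layout that the article does not itself show; the sample markup and the `.example` host names are constructed.

```javascript
// Constructed sample pages: one hides a Like frame over a fake player, one shows it normally.
const scamPage = `<div id="player"><img src="play.png">
<iframe src="//www.facebook.com/plugins/like.php?href=http%3A%2F%2Fscam.example%2Fvideo"
  style="position:absolute; top:0; left:0; opacity:0; z-index:9"></iframe></div>`;
const honestPage = `<iframe src="https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fblog.example%2F"
  style="border:none; overflow:hidden; width:90px; height:21px"></iframe>`;

// Pull one quoted attribute value out of a tag's source text ("" if absent).
function attr(tag, name) {
  const m = new RegExp("\\b" + name + "\\s*=\\s*(\"([^\"]*)\"|'([^']*)')", "i").exec(tag);
  return m ? (m[2] !== undefined ? m[2] : m[3]) : "";
}

// True when the frame loads the Like plugin from facebook.com or a subdomain of it.
function isLikePlugin(src) {
  try {
    const u = new URL(src, "https://example.invalid/"); // base resolves "//host/..." URLs
    return /(^|\.)facebook\.com$/i.test(u.hostname) && u.pathname.startsWith("/plugins/like");
  } catch (e) {
    return false;
  }
}

// True when inline CSS makes the element (nearly) invisible while it stays clickable.
function isTransparent(style) {
  const m = /(?:^|;)\s*opacity\s*:\s*([0-9.]+)/i.exec(style);
  return m !== null && parseFloat(m[1]) <= 0.1;
}

// Return the src of every iframe that is both a Like plugin and transparent.
function findHiddenLikeFrames(html) {
  const hits = [];
  for (const [tag] of html.matchAll(/<iframe\b[^>]*>/gi)) {
    const src = attr(tag, "src");
    if (isLikePlugin(src) && isTransparent(attr(tag, "style"))) hits.push(src);
  }
  return hits;
}

console.log(findHiddenLikeFrames(scamPage), findHiddenLikeFrames(honestPage));
```

The check only reads inline styles, so it will miss frames hidden through a stylesheet or script.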

In my testing, pressing the button said that I “liked” a different scam – this one related to a video allegedly showing a zookeeper being eaten by a giant snake.


[VIDEO] Snake Eats MAN!
[LINK]

CAUGHT ON TAPE- A Giant Snake Swallows Up A Zookeeper in Front of Hundreds of People!

In this way the scam can spread rapidly between your online friends, increasing the traffic to the real page the scammers want you to visit – one which asks you to take part in an online quiz or survey.


A free iPhone 4S? You’ll be lucky. Scams like this can earn millions of dollars for those behind them in the form of affiliate commission and by – sometimes – signing your mobile phone up for premium rate services.

If you see a scam like this on your newsfeed – be sure to remove it, and report it as spam to Facebook. That way you will no longer be sharing the offending link with your friends.

Report the message as spam

If you’re a Facebook user and want to keep up on the latest threats and security news I would recommend you join the Sophos Facebook page – where more than 190,000 people regularly discuss the latest attacks.
