Posts Tagged ‘Justin Bieber’

World funniest condom commercial? Facebook hit by viral likejacking attack

Published by pratyushkp on June 1st, 2011 - in Social, Technology

Image via Wikipedia

Messages are beginning to spread across Facebook, tricking users into clicking on links which claim to point to the world’s funniest condom commercial.

The messages are spreading through a clickjacking scam (sometimes known as likejacking) which means that users do not realise that they are invisibly pressing that they “Like” the video when they try to play it.

A typical message looks something like the following (the actual link can change):

The World Funniest Condom Commercial - LOL
[LINK]
haha its really so funny ~ Dont Miss it !

The scam appears to be being perpetrated by the same gang who have been successfully spreading a “Baby born amazing effect” scam over the last several days.

Clicking on the links, which so far appear to all be hosted on blogspot.com, takes users to a webpage which urges visitors to click to watch the video.

The pages have the headline “The Funniest Condom Commercial”:

Click further at your own discretion – because the clickjacking scam is about to play its part in the scheme. If you try to play the video then you will be unwittingly saying that you “Like” the link, and sharing it with your friends. In this way the link spreads virally across Facebook.

By the way, there is a condom commercial shown at the end of this whole process, but the Argentinian TV advert is available for free on YouTube meaning that there was a way of viewing it which didn’t involve helping the scammers spread their link across the Facebook social network. (Oh, and the video is not that funny).

As regular readers of Sophos’s Facebook page will know, scams like this have been seen on far too many occasions.

Recently announced new Facebook security features were supposed to provide protection against clickjacking/likejacking schemes like this – but once again have unfortunately proven to be ineffectual.

If you were running anti-clickjacking protection, such as the NoScript add-on for Firefox, then you would see a warning message about the attempted clickjacking:

Here’s how you can clean-up your Facebook page.

Find the offending message on your Facebook page, and select “Remove post and unlike”. You could also choose to mark it as spam to alert Facebook’s security team.

Unfortunately that doesn’t completely remove the connection between the mischievous link and your Facebook page. You also need to go into your profile, choose Activities and Interests and remove any pages that you don’t want to “Like”.

Of course, attacks like this would find it much harder to spread if folks were much more careful about the links they clicked on when using Facebook – and if Facebook’s in-built security was more effective at stopping clickjacking attacks.

Source : -http://nakedsecurity.sophos.com

Baby Born amazing effect? No, another Facebook likejacking scam

Published by pratyushkp on May 28th, 2011 - in Social, Technology

Image via CrunchBase

Messages are spreading rapidly across Facebook, as users get tricked into clicking on links claiming to show an amazing video of a big baby being born.

The messages are spreading with the assistance of a clickjacking scam (sometimes known as likejacking) which means that users do not realise that they are invisibly pressing a “Like” button to pass the message onto their online friends.

A typical message looks as follows:

Baby Born Amazing Effect - WebCamera
[LINK]
Big Baby Born !

(Note: Graham Cluley have obscured the thumbnail used in the messages, as some may find it offensive because of its err.. anatomical nature.)

The links we have seen so far all point to pages hosted on blogspot.com, and appear to contain a video player that you are urged to click on.

The pages are headlined: “Baby Born Video – Amazing Effects”.

See the message at the bottom of the page? It reads:

If Play Button don't work please click on the Like button and Confirm, then you can watch the Video.

It’s at this point that the clickjacking scam plays its part. If you try to play the video then you will be secretly and unwittingly saying that you “Like” the link, and sharing it with your friends. In this way the link spreads virally.

It’s a shame that Facebook’s own security measures don’t warn about this clickjacking attack.

If you were running anti-clickjacking protection, such as the NoScript add-on for Firefox, then you would see a warning message about the attempted clickjacking:

Unfortunately, thousands of Facebook users appear to have fallen for the scam – and are helping the links spread rapidly across the social network.

Here’s how you can clean-up your Facebook page.

Find the offending message on your Facebook page, and select “Remove post and unlike”.

Unfortunately that doesn’t completely remove the interloping link. You also need to go into your profile, choose Activities and Interests and remove any pages that you don’t want to “Like”.

If only folks were more careful about the links they clicked on when using Facebook.

Source :- http://nakedsecurity.sophos.com

  • Baby Born amazing effect? No, another Facebook likejacking scam (nakedsecurity.sophos.com)
  • Facebook comment-jacking? OMG! I Can’t believe JUSTIN Bieber did THIS to a girl (pratyushkp.wordpress.com)
  • Facebook announces new security features (blogoholic.in)
  • Hottest & Funniest Golf Course Video scam spreads virally on Facebook – beware! (blogoholic.in)
  • It’s a Facebook clickjack scam (eclectomania.wordpress.com)
  • Facebook announces new security features (pratyushkp.wordpress.com)

Top 10 Twitter Trends This Week ( 4/29 – 5/5)

Published by pratyushkp on May 8th, 2011 - in Social, Technology
Image representing Twitter as depicted in Crun...

Image via CrunchBase

Last week, Mashable predicted that the Royal Wedding would be the number one trending topic this time around. And we would have been right, if not for a bit of news that broke last Sunday.

The shots that took down Osama bin Laden were shots heard ’round the Twitterverse. A mind-boggling record of 12.4 million tweets per hour (5,106 tweets per second around the time of President Obama’s speech) helped to place all topics connected to the biggest news story of the year at number one this week.

It should be noted that despite the intensity of the bin Laden news, the Royal Wedding did come in at a close second.

To see the full list, check out the chart below. Because this is a topical list, hashtag memes and games have been omitted from the chart. The aggregate is based on Twitter’s own trending algorithm, and does not necessarily reflect raw tweet volume.

You can check past Twitter trends in our Top Twitter Topics section.


Top Twitter Trends This Week: 4/29 – 5/5


Rank
Topic
Intensity
Description
#1
Osama bin Laden
3
Al Qaeda leader Osama bin Laden was killed by a small team of Navy SEALs in Abbottabad, Pakistan. President Obama announced the news late Sunday night (ET).
#2
Royal Wedding
3
Prince William and Catherine Elizabeth “Kate” Middleton were married on April 29, 2011 at Westminster Abbey.
#3
Harry Potter Movie/Book Series
2
On Twitter, Harry Potter fans were talking about Luna Lovegood, Neville Longbottom, Molly Weasley, Severus Snape, Hermione Granger, Bellatrix Lestrange, Fred Weasley and Sirius Black.
#4
Justin Bieber
2
Justin Bieber accidentally tweeted #pssst when he was trying to tweet #pissed instead, thus causing this to trend. People are tweeting secrets to one another or showing reasons why someone is “pissed.” Users asked their followers if they prefer Justin Bieber or Bruno Mars.
#5
Soccer/Football
1
Much discussed football topics include Sunday’s upcoming Manchester United vs. Chelsea match, Lionel Messi, the retirement of Sami Tuomas Hyypiä, the Queens Park Rangers fault, the Champions League match Manchester United v Schalke and the Derby between two massive soccer clubs from Brazil: Grêmio Foot-ball Porto Alegrense and Sport Club Internacional.
#6
Star Wars Day
1
Science fiction fans celebrated Star Wars on the 4th of May, tweeting the phrase “May the Fourth be with you!”
#7
Lady Gaga
1
Lady Gaga fans were excited about the release of “Judas,” her latest music videol. And it’s not clear how or when it started, but users are tweeting “Lord Voldemort + Lady Gaga = Lord Gaga.”
#8
Chris Brown
1
On Thursday, R&B singer Chris Brown turned 22 years old and his fans sent him good wishes.
#9
NBA Playoffs
1
Fans were most vocal about the Miami Heat meeting the Boston Celtics in the NBA Conference Semi-Finals. Derrick Rose of the Chicago Bulls was announced the winner of the Maurice Podoloff Trophy as the 2010-11 Kia NBA Most Valuable Player Award.
#10
Owl City
1
Indonesian Tweeters were excited over an announcement that the band Owl City would be playing a concert in Jakarta on October 28. Also, fans were saying how much they liked the Owl City song “Vanilla Twilight.”

Data aggregate courtesy of What the Trend.

Source :- http://mashable.com/

  • See How One Man’s Tweet Told The World Osama Bin Laden Was Dead (businessinsider.com)
  • Top 10 Twitter Trends This Week [CHART] (fakeiitian.com)
  • 10 Historic Tweets That Captivated the World (mashable.com)
  • The Power of a Single Tweet: How the Bin Laden News Broke on Twitter (newsgrange.com)
  • Here Are The Non-Essential (Read: Celebrity) Tweets Inspired By Osama bin Laden’s Death (businessinsider.com)
  • A Twitter Record That Has Nothing to do with Justin Bieber (techland.time.com)
  • Osama bin Laden’s Last Tweet (humpdayreport.wordpress.com)
  • Top 10 Twitter Trends This Week [CHART] (mashable.com)
  • Rashard Mendenhall Loses Champion Endorsement Over Osama bin Laden Tweets (tipdrillzonline.wordpress.com)
  • Solomon: Athletes’ tweets are for the birds (chron.com)
  • L.A.’s Twitter trending: embarrassing? (laobserved.com)
  • “Osama Bin Laden’s Death as Told by Social Media and Search Engines” and related posts (wordstream.com)
  • Osama Bin Laden Dead – Top Search On Google (seroundtable.com)
  • One Twitter user Live blogs from Osama Bin Laden’s raid (chatootsboots.wordpress.com)
Tags: Dumbledore's Army, Hermione Granger, , Order of the Phoenix (organisation), , Royal Wedding, , , United States Navy SEALs

Facebook comment-jacking? OMG! I Can’t believe JUSTIN Bieber did THIS to a girl

Published by pratyushkp on April 30th, 2011 - in Uncategorized

It’s starting to seem like Facebook can’t win against those who wish to use their service to scam, spam and simply cause trouble. Over the last day or so, a new type of attack has been spreading using the phrase “OMG! I Can’t believe JUSTIN Bieber did THIS to a girl”.

It leads to a page asking you to verify a simple math problem to “prevent bots from slowing down the site”. In actuality, it is another clickjack-type scheme in which you are asked to type the answer into a box.

Comment-jack security check

It doesn’t matter what you type, because it’s a social engineering trick. What you are actually typing is a comment that is used to share the link with your friends on Facebook. You can see the tooltip that says “Add a Comment” in the screenshot.

This bypasses Facebook’s recent attempt at detecting likejacking fraud. Links you comment on are not using the same mechanisms that Facebook is monitoring when you click “Like”.

Many moons ago, the first Facebook attacks started with illegitimate applications asking for permission to access your wall and spread their messages by spamming your friends through wall posts. While this worked well, it was a bit easy for Facebook to track down and remove the bogus apps.

Early in 2010 we saw the first attempts at likejacking. This technique involves layering one image over the top of a Like button and tricking the victim into clicking something that appears to play a video or a continue button, when in fact they are clicking the Like button hidden underneath.

Facebook Bieber scam wall post

More recently we have seen the attackers trying lots of new techniques. In the past few months we have seen them tagging people in photos they are not in to get you to click, inviting people to fake events and even making you an administrator of a Facebook page that isn’t yours.

While protecting yourself may not be as simple as not clicking anything that says “OMG!” that isn’t a bad start. Be skeptical, understand that messages from your friends may not in fact have been sent to you willingly, and if you are really tempted to click, take a short timeout to conduct a Google/Bing search.

As of the time of this writing some of the YouTube videos this scam leads to have been removed by YouTube. However, one video that is still working has over 525,000,000 views since February and thousands of comments in the last 24 hours — in other words, since this Facebook scam has been making the rounds.

To stay up to date on the latest threats, follow us on Facebook. For advice on how to configure your profile to protect your privacy check out This recommendations for Facebook settings.

Source :- http://nakedsecurity.sophos.com

  • Audi has most engaged Facebook fans, beats out Justin Bieber (autoblog.com)
  • This Lesbian Actually Is Justin Bieber (queerty.com)
  • David Beckham Hangs Out With Justin Bieber (Kinda) (pinkisthenewblog.com)
  • I can’t believe a GIRL did this because of Justin Bieber (zdnet.com)
  • Justin Bieber’s cell phone number? Nope, it’s a Facebook scam (sophos.com)
  • Why Justin Bieber Is An Online Marketing Guru (keepthepeakunique.com)
  • I Discovered Justin (burnadvertising.wordpress.com)
  • OMG: Justin Bieber Goes Bald! (thehollywoodgossip.com)
  • SHOCKER: Justin Bieber’s Lookalike Is a Girl (odditycentral.com)
  • Guy who took a picture of his face for 8 years FouTube Facebook scam (nakedsecurity.sophos.com)

Banned Lady Gaga video attack spreads on Twitter via rogue app

Published by pratyushkp on April 30th, 2011 - in Social, Technology

Watch out for tweets about a banned Lady Gaga video, currently spreading across the Twitter network.

The tweets are being posted by rogue applications, that users are allowing to access their profiles in the belief that they will get to view a prohibited video of Lady Gaga

Tweet promoting banned Lady Gaga video

VIDEO PROHIBIDO LADY GAGA banned [LINK] @shakira @ladygaga como ganar dinero facil

(Please note that the precise wording can vary)

If you make the mistake of clicking on the link you are taken to a fake YouTube webpage.

Fake YouTube page

Of course, you believe that you’re going to watch a banned video of Lady Gaga so you might very well click on the play button.

Doing so, however, asks you to grant permission to a third party app which wants to connect with your Twitter account.

Rogue Twitter application

Don’t, whatever you do, give it permission to continue. Because if you do, your account can now be accessed by third parties – who will be able to post messages in your name to all of your followers.

Hopefully the fact that the messages we have seen so far have all been in Spanish may reduce the impact of this particular attack.

Interestingly, it seems that Lady Gaga herself has been having trouble with these Twitter hackers.

The eccentric songstress, who has more followers on Twitter than anyone else in the world, posted a message yesterday saying:

Whoever is hacking my Twitter must answer to 10 million monsters and Twitter police. #Don'tMakeMeCallTheApostles

Lady Gaga@ladygaga
Lady Gaga

Whoever is hacking my Twitter must answer to 10 million monsters and Twitter police. #Don‘tMakeMeCallTheApostles
April 27, 2011 12:37 pm via webReplyRetweetFavorite

Although the singer quickly deleted the rogue tweets that had upset her so much from her page, I was able to discover them cached elsewhere on the net:

TAROT de shakira [LINK] clarividente de @shakira #horoscopo ganar dinero navegando

and

VIDEO PROHIBIDO LADY GAGA @ladygaga [LINK] ganar dinero navegando

The bit.ly links used in the messages posted to Lady Gaga’s Twitter page linked to the same fake YouTube page, and were created by the same person who appears to be behind the rogue application attack.

Lady GagaIs it possible that Lady Gaga, or the staff who manage her Twitter account, fell for the scam themselves? And that’s why the rogue message appeared on Lady Gaga’s Twitter page?

Lady Gaga has over 9.6 million followers on Twitter, making her the most popular person on the network (yes, beating even Justin Bieber..) and a prize goal for any scammer who wants their scammy spammy links to be spread to as wide an audience as possible.

If you were unfortunate enough to grant a rogue applications access to your Twitter account, revoke its rights immediately by going to the Twitter website and visiting Settings/Connections and revoking the offending app’s rights.

Don’t make it easy for scammers to make money in this way, and always exercise caution about which third party apps you allow to connect with your social networking accounts.

If you’re on Twitter and want to learn more about threats, be sure to follow Naked Security’s team of writers.

Source :- http://nakedsecurity.sophos.com

  • Banned Lady Gaga video attack spreads on Twitter via rogue app (nakedsecurity.sophos.com)
  • Lady Gaga’s Label Attempting To Sabotage Beyonce?! (mikeyvision.com)
  • VIDEO: Lady Gaga Gives Fans A Teaser Of Born This Way ‘Glee’ Episode! (997now.radio.com)
  • 17 Best Lady Gaga Quotes (socialitelife.com)
  • Girl Fight! Beyonce vs Lady Gaga (sweetspill.com)
  • Lady Gaga Performs “Judas” On Ellen [Video] (divamission.wordpress.com)
  • Lady Gaga Reveals “Judas” Video Premiere Date (khmx.radio.com)
  • Lady Gaga Reveals ‘Born This Way’ Album Cover On Twitter (ksfm.radio.com)
  • Lady Gaga Revives Transmission GagaVision (923now.radio.com)
  • GIRLFIGHT: Beyonce vs. Lady Gaga [Round 2] (hellobeautiful.com)
  • Transmission GagaVision Returns! (fresh1027.radio.com)
© Social Media Blog

Ad Plugin made by Free Wordpress Themes