Posts Tagged ‘Likejacking’

The Amazing Orgasm Facebook scam (NSFW) – don’t think with your trousers

Published by pratyushkp on June 20th, 2011 - in Social, Technology

The latest survey scam to spread successfully on Facebook is clearly targeting people who have so much blood flowing to their loins that the supply to their brains has been cut off.

It seems when faced with the prospect of seeing a video of a woman having an “amazing orgasm”, common sense goes out of the window for some people and they click the link without thinking of the possible consequences.

Here is the message that is spreading between Facebook users (I’ve pixelated out parts of the image so as not to offend anyone):

Amazing Orgasm
[LINK]

And here’s an alternative version:

The links point to pages on Blogspot, where you will then be redirected to a webpage which presents you with what appears to be a sexy YouTube video of what is claimed to be an “Overly Dramatic Orgasm”.

The only thing is that they want you to click a couple of times (sharing and liking the video to your Facebook friends) before they’ll let you watch. Curiously, the messages are in Finnish (“Jaa” is Finnish for “Share”). Could the scammer who set up this particular attack be Finnish?

You probably won’t be surprised to hear that the purpose of the whole scam is to earn money – through tricking users into taking online surveys. And through your clicking on the links, you have helped promote the survey (via the sexy video lure) to your online friends.

My feeling is that the last thing you’re probably in the mood to do, if you want to watch a sexy video, is fill out an online survey. But that’s precisely the kind of social engineering lure that appears to work on so many occasions.

Don’t think with your trousers, show some common sense. I wish when you logged into Facebook it said, alongside asking for your email address and password, “Have you had a cold shower in the last 20 minutes?”

Maybe then folks would show a little more common sense when they see one of these sexy messages appear on their newsfeed.

What are you doing if you’re clicking on this kind of thing from your work computer anyway? Content like that which these links promise is definitely NSFW (not safe for work).

Source :- http://nakedsecurity.sophos.com

Dad walks in on Daughter Facebook clickjacking attack helps scammers earn money

Published by pratyushkp on June 15th, 2011 - in Social, Technology


Once again, scammers are running rings around Facebook’s built-in security measures by spreading a clickjacking scam between users’ accounts.

The latest attack poses as a link to a video of a dad walking in on his daughter.

Dad walks in on Daughter.. EMBARRASSING!
[LINK]
This really must have been an awkward moment.

We’ve seen scams which use language like this before, of course, and sometimes they’ve been used to trick you into installing software onto your computer.

Interestingly, on this occasion, the image used in the messages is the same as that used in the recent “Baby born amazing effect” scam which has spread with similar ferocity in the last couple of weeks on the social network.

Clicking on this latest link takes users to a webpage, where it looks as though you need to press the “Play” icon to watch the video.

However, clicking the icon secretly tells Facebook that you “Like” the page (via the use of a clickjacking exploit), helping the scam to perpetuate.

It will be no surprise at all to regular Naked Security readers that the scam is designed to drive traffic to online surveys – which earns commission for the scammers behind the attack.

When I tried it, the surveys claimed that I could receive a free iPad or MacBook or even a flat-screen television.

If you’ve been hit by a scam like this, remove the messages and likes from your Facebook page – and warn your friends not to click on the offending links. Clearly there’s much more work which needs to be done by Facebook to prevent these sorts of messages spreading so rapidly.

Source :- http://nakedsecurity.sophos.com


World funniest condom commercial? Facebook hit by viral likejacking attack

Published by pratyushkp on June 1st, 2011 - in Social, Technology


Messages are beginning to spread across Facebook, tricking users into clicking on links which claim to point to the world’s funniest condom commercial.

The messages are spreading through a clickjacking scam (sometimes known as likejacking), which means that users do not realise that they are invisibly clicking “Like” on the video when they try to play it.

A typical message looks something like the following (the actual link can change):

The World Funniest Condom Commercial - LOL
[LINK]
haha its really so funny ~ Dont Miss it !

The scam appears to be being perpetrated by the same gang who have been successfully spreading a “Baby born amazing effect” scam over the last several days.

Clicking on the links, which so far appear to all be hosted on blogspot.com, takes users to a webpage which urges visitors to click to watch the video.

The pages have the headline “The Funniest Condom Commercial”:

Click further at your own discretion – because the clickjacking scam is about to play its part in the scheme. If you try to play the video then you will be unwittingly saying that you “Like” the link, and sharing it with your friends. In this way the link spreads virally across Facebook.

By the way, there is a condom commercial shown at the end of this whole process, but the Argentinian TV advert is available for free on YouTube, meaning that there was a way of viewing it which didn’t involve helping the scammers spread their link across the Facebook social network. (Oh, and the video is not that funny).

As regular readers of Sophos’s Facebook page will know, scams like this have been seen on far too many occasions.

Recently announced new Facebook security features were supposed to provide protection against clickjacking/likejacking schemes like this – but once again have unfortunately proven to be ineffectual.

If you were running anti-clickjacking protection, such as the NoScript add-on for Firefox, then you would see a warning message about the attempted clickjacking:

Here’s how you can clean up your Facebook page.

Find the offending message on your Facebook page, and select “Remove post and unlike”. You could also choose to mark it as spam to alert Facebook’s security team.

Unfortunately that doesn’t completely remove the connection between the mischievous link and your Facebook page. You also need to go into your profile, choose Activities and Interests and remove any pages that you don’t want to “Like”.

Of course, attacks like this would find it much harder to spread if folks were much more careful about the links they clicked on when using Facebook – and if Facebook’s in-built security was more effective at stopping clickjacking attacks.

Source :- http://nakedsecurity.sophos.com

Baby Born amazing effect? No, another Facebook likejacking scam

Published by pratyushkp on May 28th, 2011 - in Social, Technology


Messages are spreading rapidly across Facebook, as users get tricked into clicking on links claiming to show an amazing video of a big baby being born.

The messages are spreading with the assistance of a clickjacking scam (sometimes known as likejacking) which means that users do not realise that they are invisibly pressing a “Like” button to pass the message onto their online friends.

A typical message looks as follows:

Baby Born Amazing Effect - WebCamera
[LINK]
Big Baby Born !

(Note: Graham Cluley has obscured the thumbnail used in the messages, as some may find it offensive because of its err.. anatomical nature.)

The links we have seen so far all point to pages hosted on blogspot.com, and appear to contain a video player that you are urged to click on.

The pages are headlined: “Baby Born Video – Amazing Effects”.

See the message at the bottom of the page? It reads:

If Play Button don't work please click on the Like button and Confirm, then you can watch the Video.

It’s at this point that the clickjacking scam plays its part. If you try to play the video then you will be secretly and unwittingly saying that you “Like” the link, and sharing it with your friends. In this way the link spreads virally.

It’s a shame that Facebook’s own security measures don’t warn about this clickjacking attack.

If you were running anti-clickjacking protection, such as the NoScript add-on for Firefox, then you would see a warning message about the attempted clickjacking:

Unfortunately, thousands of Facebook users appear to have fallen for the scam – and are helping the links spread rapidly across the social network.

Here’s how you can clean up your Facebook page.

Find the offending message on your Facebook page, and select “Remove post and unlike”.

Unfortunately that doesn’t completely remove the interloping link. You also need to go into your profile, choose Activities and Interests and remove any pages that you don’t want to “Like”.

If only folks were more careful about the links they clicked on when using Facebook.

Source :- http://nakedsecurity.sophos.com


Facebook comment-jacking? OMG! I Can’t believe JUSTIN Bieber did THIS to a girl

Published by pratyushkp on April 30th, 2011 - in Social

It’s starting to seem like Facebook can’t win against those who wish to use their service to scam, spam and simply cause trouble. Over the last day or so, a new type of attack has been spreading using the phrase “OMG! I Can’t believe JUSTIN Bieber did THIS to a girl”.

It leads to a page asking you to verify a simple math problem to “prevent bots from slowing down the site”. In actuality, it is another clickjack-type scheme in which you are asked to type the answer into a box.

Comment-jack security check

It doesn’t matter what you type, because it’s a social engineering trick. What you are actually typing is a comment that is used to share the link with your friends on Facebook. You can see the tooltip that says “Add a Comment” in the screenshot.

This bypasses Facebook’s recent attempt at detecting likejacking fraud. Links you comment on are not using the same mechanisms that Facebook is monitoring when you click “Like”.

Many moons ago, the first Facebook attacks started with illegitimate applications asking for permission to access your wall and spread their messages by spamming your friends through wall posts. While this worked well, it was a bit easy for Facebook to track down and remove the bogus apps.

Early in 2010 we saw the first attempts at likejacking. This technique involves layering one image over the top of a Like button and tricking the victim into clicking something that appears to play a video or a continue button, when in fact they are clicking the Like button hidden underneath.
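A defender-side check for the layering trick described above, as an added example that is not part of the original article: it scans a page's HTML for Facebook plugin iframes whose inline opacity, compounded through their ancestors, makes them effectively invisible. The names `LikeFrameFinder` and `find_hidden_like_frames`, the 0.1 threshold and the `/plugins/` path prefix are assumptions made for the illustration, and the sample markup is constructed.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

VOID = {"img", "br", "hr", "input", "meta", "link"}  # tags with no end tag
OPACITY = re.compile(r"opacity\s*:\s*([0-9]*\.?[0-9]+)", re.I)

def opacity_of(style):
    """Inline CSS opacity of one element (1.0 when none is declared)."""
    m = OPACITY.search(style or "")
    return float(m.group(1)) if m else 1.0

class LikeFrameFinder(HTMLParser):
    """Flag Facebook plugin iframes that are rendered (near-)invisible."""
    def __init__(self, threshold=0.1):  # threshold is an assumed cut-off
        super().__init__()
        self.threshold = threshold
        self.stack = []      # (tag, effective opacity) of open ancestors
        self.findings = []   # (iframe src, effective opacity)

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        parent = self.stack[-1][1] if self.stack else 1.0
        eff = parent * opacity_of(a.get("style"))  # opacity compounds downwards
        if tag == "iframe":
            u = urlparse(a.get("src") or "")
            host = (u.hostname or "").lower()
            on_fb = host == "facebook.com" or host.endswith(".facebook.com")
            if on_fb and u.path.startswith("/plugins/") and eff <= self.threshold:
                self.findings.append((a["src"], eff))
        if tag not in VOID:
            self.stack.append((tag, eff))

    def handle_endtag(self, tag):
        # Pop back to the matching open tag, tolerating sloppy markup.
        for i in range(len(self.stack) - 1, -1, -1):
            if self.stack[i][0] == tag:
                del self.stack[i:]
                break

def find_hidden_like_frames(html):
    finder = LikeFrameFinder()
    finder.feed(html)
    return finder.findings

# Constructed sample: one transparent Like frame, one ordinary visible one.
SAMPLE = """<div style="opacity:0; position:absolute">
  <iframe src="https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fexample.invalid%2F"></iframe>
</div>
<iframe src="https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fexample.org%2F"></iframe>"""
```

Only inline `style` attributes are inspected here; opacity set through a stylesheet or script would need a rendered DOM to evaluate.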

Facebook Bieber scam wall post

More recently we have seen the attackers trying lots of new techniques. In the past few months we have seen them tagging people in photos they are not in to get you to click, inviting people to fake events and even making you an administrator of a Facebook page that isn’t yours.

While protecting yourself may not be as simple as not clicking anything that says “OMG!” that isn’t a bad start. Be skeptical, understand that messages from your friends may not in fact have been sent to you willingly, and if you are really tempted to click, take a short timeout to conduct a Google/Bing search.

As of the time of this writing some of the YouTube videos this scam leads to have been removed by YouTube. However, one video that is still working has over 525,000,000 views since February and thousands of comments in the last 24 hours — in other words, since this Facebook scam has been making the rounds.

To stay up to date on the latest threats, follow us on Facebook. For advice on how to configure your profile to protect your privacy, check out these recommendations for Facebook settings.

Source :- http://nakedsecurity.sophos.com
