World funniest condom commercial? Facebook hit by viral likejacking attack


Messages are beginning to spread across Facebook, tricking users into clicking on links which claim to point to the world's funniest condom commercial.

The messages are spreading through a clickjacking scam (sometimes known as likejacking), which means that users do not realise that, when they try to play the video, they are actually clicking an invisible "Like" button for it.

A typical message looks something like the following (the actual link can change):


The World Funniest Condom Commercial - LOL
[LINK]
haha its really so funny ~ Dont Miss it !

The scam appears to be the work of the same gang who have been successfully spreading a "Baby born amazing effect" scam over the last several days.

Clicking on the links, which so far appear to all be hosted on blogspot.com, takes users to a webpage which urges visitors to click to watch the video.

The pages have the headline "The Funniest Condom Commercial".

Click further at your own discretion - because the clickjacking scam is about to play its part in the scheme. If you try to play the video then you will be unwittingly saying that you "Like" the link, and sharing it with your friends. In this way the link spreads virally across Facebook.

By the way, there is a condom commercial shown at the end of this whole process, but the Argentinian TV advert is available for free on YouTube, meaning that there was a way of viewing it which didn't involve helping the scammers spread their link across the Facebook social network. (Oh, and the video is not that funny.)

As regular readers of Sophos's Facebook page will know, scams like this have been seen on far too many occasions.

Recently announced new Facebook security features were supposed to provide protection against clickjacking/likejacking schemes like this - but once again have unfortunately proven to be ineffectual.

If you were running anti-clickjacking protection, such as the NoScript add-on for Firefox, then you would see a warning message about the attempted clickjacking.
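A simplified check for the pattern described in this article, an invisible "Like" frame sitting on top of the control the visitor thinks they are clicking, is sketched below as an added example; it is not from the original article and is not NoScript's code or method. The function names, the element-record format, the opacity cutoff and the sample page are assumptions made for illustration.

```javascript
// Added example: flag hidden Like-plugin frames that cover a visible control.
const PLUGIN_HOST = /(^|\.)facebook\.com$/i; // host of the Like plugin frame
const MAX_VISIBLE_OPACITY = 0.1;             // assumed "effectively invisible" cutoff

// True only for frames whose host really is facebook.com (not a lookalike prefix).
function isLikePlugin(src) {
  try {
    const u = new URL(src, "https://placeholder.invalid/");
    return PLUGIN_HOST.test(u.hostname) && u.pathname.startsWith("/plugins/like");
  } catch (e) {
    return false;
  }
}

// Axis-aligned rectangle intersection test.
function overlaps(a, b) {
  return a.x < b.x + b.w && b.x < a.x + a.w && a.y < b.y + b.h && b.y < a.y + a.h;
}

// elements: records a browser add-on could build from getBoundingClientRect()
// and getComputedStyle(): { kind, src?, label?, opacity, rect: {x, y, w, h} }
function findHiddenLikeOverlays(elements) {
  const frames = elements.filter(e => e.kind === "iframe" && isLikePlugin(e.src));
  const decoys = elements.filter(e => e.kind !== "iframe" && e.opacity > MAX_VISIBLE_OPACITY);
  const findings = [];
  for (const f of frames) {
    if (f.opacity > MAX_VISIBLE_OPACITY) continue; // a visible Like button is legitimate
    const covered = decoys.filter(d => overlaps(f.rect, d.rect)).map(d => d.label);
    if (covered.length > 0) findings.push({ src: f.src, opacity: f.opacity, covered });
  }
  return findings;
}

// Constructed sample: a visible play button with a transparent Like frame over it,
// plus an ordinary, visible Like button elsewhere on the page.
const samplePage = [
  { kind: "button", label: "play-video", opacity: 1, rect: { x: 200, y: 150, w: 80, h: 80 } },
  { kind: "iframe", src: "https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fexample.invalid%2F",
    opacity: 0, rect: { x: 210, y: 160, w: 60, h: 30 } },
  { kind: "iframe", src: "https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fexample.org%2F",
    opacity: 1, rect: { x: 700, y: 20, w: 90, h: 25 } },
];

console.log(JSON.stringify(findHiddenLikeOverlays(samplePage), null, 2));
```

Only the transparent frame over the play button is reported; the visible Like button is left alone because the visitor can see what they are clicking.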

Here's how you can clean up your Facebook page.

Find the offending message on your Facebook page, and select "Remove post and unlike". You could also choose to mark it as spam to alert Facebook's security team.


Unfortunately that doesn't completely remove the connection between the mischievous link and your Facebook page. You also need to go into your profile, choose Activities and Interests and remove any pages that you don't want to "Like".


Of course, attacks like this would find it much harder to spread if folks were much more careful about the links they clicked on when using Facebook - and if Facebook's in-built security was more effective at stopping clickjacking attacks.

If you're on Facebook and want to learn more about spam, malware, scams and other threats, you should join the Sophos Facebook page where we have a thriving community of over 80,000 people.

Hat-tip: Thanks to Naked Security reader Josh for first giving us a heads-up about this clickjacking scam spreading on Facebook


12 Responses to World funniest condom commercial? Facebook hit by viral likejacking attack

  1. Louise Martin · 1249 days ago

    I have seen another one floating about the past few days, it's a clip about a 3D web cam of a baby birth. A few of my Facebook friends have it up. I suspect it is a clickjack but I am not sure, but I won't be going there. I went through the real thing and the thought of watching it in 3D is not appealing to me.

  2. You know, if I could get a list of the names of those who create and unleash such unspeakable evil upon us, I would set up a "Facebook Scammers Hall of Humiliation" site, where we could post them and then laugh mercilessly at them, forever. Think of it as an eternal shame upon their cyber-tombs.

    ~EdT.

    • Jeremy · 1249 days ago

      Except they'd probably use pseudo names so it wouldn't affect them...

  3. Jose · 1247 days ago

    Call me naive, but as someone who's not on Facebook (yes, I'm that 1% of the world), where is the actual danger if you just like that unknowingly? Does anything get automatically downloaded that would harm your computer?

    • It harms your reputation, not your computer.

      It harms your reputation in two ways:

      First, it indicates semi-publicly to the world that you "like" this somewhat sexual content, and calls attention to it to your friends. If your boss or partner or a parent of a child you teach is on your friends list, this could be very significant.

      Second, it induces your friends to also fall victim to this scam. It's not a nice thing to do to your friends, and makes you look like an idiot. (Trust me on that -- I was investigating whether it WAS a scam a friend had fallen victim to, and the clickjacking caught ME, and made ME feel like an idiot).

      But your computer should be OK.

    • Asian Kid · 1238 days ago

      No, some people are just doing this to get a page to have over 10K likes (15K in this situation) as their pages are not popular and some are earning money over these scams (not the pages)

  4. therealsimonoh · 1237 days ago

    Is there any way we can hunt down and prosecute these scammers?

  5. The Celebopedia · 1148 days ago

    Why is Facebook not taking spam seriously?

  6. Dillon · 1039 days ago

    But I wanted to watch the funny video... Just kidding. This just happened to me, thanks for the post!

  7. Derek Tonkin · 983 days ago

    FYI, this is circulating again but this time as "Funniest video I have ever seen" with the description "omg that's so funny.."

  8. Kristjan · 718 days ago

    Hello, I have a problem with this LikeJacking Attack 31. Whenever I start Chrome my Norton blocks the attack. Of course it's a good thing that Norton does that, but I don't feel protected at all if I get attacked every single time when I open my browser. How can I prevent it?


About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.