Shocking 17-year-old public high school antics clickjack unwary Facebook users into scam

Filed Under: Clickjacking, Facebook, Social networks, Spam

Many Facebook users were assaulted by the following message earlier today, seemingly shared by their online friends:

[SHOCK] At 17, she did THIS in public high school, EVERY day! Outrageous?

[SHOCK] At 17, she did THIS in public high school, EVERY day! Outrageous?
[LINK]

Is it normal to let her do that? In PUBLIC and such!

The image of a young woman's bottom in tight-fitting jeans might or might not (depending on your taste) entice you into clicking further - and if you did succumb you would have found your browser taken to a third-party webpage which pretends it is about to show you a video.

Clickjacking scam webpage

However, the "play" button on the video hides a secret "Like" button, which means that you share the link even further across your social network by clickjacking - helping the scammers spread their link virally.

The purpose of scams such as these are typically to lead you to online surveys (which earn the scammers affiliate commission) or to trick you into handing over personal information such as your cellphone number which will then be subscribed to a premium rate service.

One day the scammers will be using links purporting to be videos of giant snakes eating zookeepers, the next it might be a sex video of an Asian film star.

The disguises may change, but the trick is the same. Keeping your wits about you is your first defence.

You should always be careful about what you click on on Facebook - as you could be carelessly sharing a scammers' link onto your online friends.

If you're a Facebook user and want to keep up on the latest threats and security news I would recommend you join the Sophos Facebook page - where 200,000 people regularly discuss the latest attacks.

, , , ,

You might like

77 Responses to Shocking 17-year-old public high school antics clickjack unwary Facebook users into scam

  1. Nathan · 754 days ago

    I almost fell for this one today. I clicked on the link, but was suspicious of the video, and noticed that it had a dodgy url when i hovered over it.

  2. Joye Fruchey · 754 days ago

    I had an "uneasy" feeeling - but - because of the poster, I went there....and tried and tried. Ended up on a Hate God blog. That being said,, I ran the Malware system, and came back clean - but is there something more to do so that my system stays clean ?

    • Cindy · 754 days ago

      Yeah, use some common sense and stop clicking junk like this. You only have yourself to blame.

      • insanitybit · 752 days ago

        No, he only has the hacker to blame. Someone outright tried to trick him and others - no need to blame victims when they're being attacked.

        • advice4idiots · 751 days ago

          Nope, the person above you is correct. When someone falls victim to an attack, such as this, the best thing to do is to accept your 50% of the blame. The reason is: all you can do to prevent this is to change your behavior by recognizing your error so you do not fall victim (again). Making excuses for your own stupidity and blaming it on others is the best way NOT to learn to prevent these sort of things from happening. Basically, if the person takes no responsibility, then they do not have to think about how they could prevent it. The only thing you can really disavow responsibility for are things that you do not do.

          Sure, the scammers are responsible for some of it, but no one makes anyone click a link. By preying on feeble minds, scammers have a lucrative business. If people were more aware of the ways people trick you, then scammers might not have such a target rich environment, and would have to go make money by earning it legitimately.

        • advice4idiots · 751 days ago

          No, the previous poster is correct.
          If one does not taking responsibility for his or her own actions (clicking the link), that person will never be able to learn. If it was an accident, then there is no blame, but the person who clicked the link is partially responsible. If a person doesn't recognize where they have a choice and instead blames a third party for their error, then they will continue to make the same mistake.
          No one blames a snake for eating a squirrel that gets too close. The snake did his job, and the squirrel failed at their job. Because the squirrel would have benefitted instead of the snake if the squirrel had used caution, then it is obvious the squirrel is to blame for his predicament. Luckily, it dies and does not have to live with the realization that it is an idiot. We are all Idiots, sometimes.

          And when one person falls victim it encourages the scammers to keep trying. Had scammers not had such a target rich environment of gullible and shallow people looking for things that would excite them, then the scammers might have to make money legitimately.

      • Really · 704 days ago

        Not everyone spends 100 hours a week on the Internet. It's impossible to keep up to date with every scam. When parents see something that might look like a story about someone doing something not so nice at a "public" school they probably want to know what it is. Especially if they think a friend posted it.

        • PMO · 656 days ago

          FOOLS! spring a few extra bucks for a Mac and you'll never have to deal with this virus crap.

          • macuser · 347 days ago

            shhhh don't say that! if apple's market share rises the hackers might find it lucrative to target us more often!

          • Hardware Queen · 276 days ago

            Yeah, except it's a browser exploit, not a virus. These can run in Windows, Mac or Linux.

  3. Flo · 754 days ago

    My boyfriend had this posted on his fb page WITHOUT clicking the link or playing the video. He'd never seen it before until I pointed it out from my newsfeed.
    How can something spread onto your account without you ever clicking on it?

    • klmz · 754 days ago

      And you believe him? Sweet.

      • smart · 712 days ago

        means he clicked it and lied to you... come on, its a girls ass and you must be the jealous type if he lied.

        • Lynn · 367 days ago

          I knew about the link I got hacked with..My sister gets it all the time and I'm the one calling her. I got it today and I don't click on those links because I KNOW about these things happening. So I know I don't click on links, So, tell me how to keep this from coming back. I'm not telling lies but would like to keep a clean account.

          • noemi · 347 days ago

            i had that too about 2 years back. i went into the security settings and blocked all applications and it stopped. it even deleted the sketchy video links that got posted on my friends' walls from my account. it was a while ago though i don't know if it'll still work. either way it's nice to have all applications blocked. i sure don't miss all those farmville invitations :-)
            hope you manage to get rid of it. good luck!

    • Chris Terwijn · 713 days ago

      No it can't. Your boyfriend doesn't want you to know he clicked that nice bottom :)

    • Gribbit · 707 days ago

      Noooo, he'd never do anything like that. The porn on the computer isn't his either.

    • Abs · 630 days ago

      WHO KNOWS!?! Nevertheless, you shall not enquire into this any further! Just trust & love your boyfriend!

    • agonyaunt · 625 days ago

      Haha! Yeah sorry but he lied to you there. He'll have clicked it and not realised that by clicking it, it posted to his wall. To be fair though, the lie will have been said because he was embarrassed and doesn't want you to feel that he cares for you any less. If you find me a guy with a computer who hasn't clicked on a nice bottom every now and again, I'll give you £10000! So don't be mad at him! Just wise up a bit ;)

      • Lynn · 367 days ago

        This is ridiculous! I got my account hacked and I don't click on links!

  4. AledJ · 754 days ago

    One of my friends actually had this scam on his page earlier today, and I helped him remove it (I knew it was bad already, even before this article was up). And he's very good with computer related stuff...

    Just goes to show how much people aren't aware of these scams.

  5. Mark · 754 days ago

    it is easy to say "you should be careful" but in reality it is nearly impossible...

    It comes from a friend on FB, its a link to an external video (as are 90% of all video links on FB) and it appears to be legitimate (though the 'bottom" video is less so) and it uses technology we already accept and use ("liking" in FB).

    Hopefully browsers will evolve to help with this. I would certainly like my browser to pop up a dialog saying "you are about to like something on FB, do you approve?" or friend someone or add them to your circle in google+, etc.

    • insanitybit · 752 days ago

      Exactly. It isn't the users fault - there's no reasonable defense against this in terms of common sense. Browsers will likely soon implement a new anticlickjacking technique having to do with UI randomization

    • Soshimo · 750 days ago

      Stop clicking on shit on the left hand side of your browser. Most of the crap my "friends" post is inane and of no interest to me. If I do see something interesting I investigate outside of the poison walls of FB. Like everyone before you said, you can't place all the blame on the criminals. I know I can't leave my front door unlocked. Yes, it sucks that I don't have that freedom, but it's reality and I know it so I lock my door. The same can be said about online behavior. Besides, it's a little creepy that grown men are clicking on something that talks about high school underage girls. Just saying...

      • Really · 704 days ago

        Really? What your friends post is of no interest to you haha. Why be friends then?

      • Too trusting · 655 days ago

        When they're posted on a friends page who's a mother of 3, yes I do click on them. It's hard to see what's on the pic on a mobile phone, but it looked like a typical news story to me

  6. Gartner Froggins · 754 days ago

    I unwittingly fell for this a few weeks ago. Teach me to follow women's asses.

  7. Freida Gray · 754 days ago

    Its interesting to see that most of those who "fell for this " never noticed that it appeared to be of a young woman pulling her undershirt down.At least that's what I saw in the picture. Why would something like that be considered "shocking" to do in public ? That is the kind of stuff I did in grade school.

  8. Very old lame clickjacking script.. Can't believe it still works..

  9. Cindy · 754 days ago

    All you have to do to stay safe from stuff like this is use some common sense and guys, stop letting the appendage between your legs do your thinking for you.

    • Soshimo · 750 days ago

      What's even more creepy is that the girl is supposedly underage. I'll bet that's part of the draw too. It would get far less clicks if it said - "Overweight mother of 5 does something shocking every day". There's a reason I'm protective of my daughter.

    • Heviarti · 566 days ago

      Because sex is clearly not a motivation for either gender...

  10. Stickybuds · 753 days ago

    ALWAYS GOOGLE BEFORE YOU CLICK FACEBOOK LINKS!!!!!

    • Spur · 671 days ago

      1. Stop shouting.

      2. If it has only just been released it may not be on Google (yet).

      3. The only way is to use some common sense; something sadly lacking in the FB community.

  11. scorch · 753 days ago

    NoScript for firefox would probably have stopped this; its click-jacking protection is pretty good.

  12. It seems like the scammers creating more blogspot pages and using it for the attack. found few more sites. The fb script in the attacker site created by this fb profile "facebook.com/madelaine.netto"

    Here is my report : http://www.ehackingnews.com/2012/07/facebook-scam...

  13. Olivia · 752 days ago

    How do I remove it? It's just appeared in my 'likes' via my cousin's news feed?!!! & I don't 'like'!!! :-/

    • Olivia Pope · 752 days ago

      How do I remove it? It's just appeared in my 'likes'?!!! & I don't 'like'!!! :-/

      • Skraggy · 624 days ago

        The right way to do it is to reply to your own comments

  14. Stewart · 751 days ago

    Good warning - but who is the girl with the incredibly gorgeous ass??

  15. Radau · 745 days ago

    Right Click Open Incognito usually works pretty well since it unlinks the opened video from your facebook (provided you didn't set up facebook in incognito mode too).

  16. Open the page with all your 'likes', click 'show other pages'... click or hover over it, a drop down box appears, click 'unlike' and 'unsubscribe'. Done!

    • jagq · 449 days ago

      I tried that. There was no indication that I had ever liked this page.

  17. anon e. mouse · 703 days ago

    what if i commented on it saying it appears to be one of those fb hacks?

  18. clickwontwork · 678 days ago

    I keep clicking play but it wont work

  19. It is stunning how anybody could fall for these scams.

  20. Paulyg15 · 672 days ago

    sexy photo - bad spelling and shitty grammar =scam. how people click on these again and again i do not know. Homer Simpson syndrome

    • Lizy · 494 days ago

      well mine is translated in greek. I mean a greek page posted it too! the grammar wasn't shitty nor was the spelling. It seemed promising, with a girl's bottom showing. you know.. i had to push the button! I just had to! But fortunately i looked it up on google and it sent me here. Afterwards I watched some porn and now I feel much better.

  21. It is showing as liked on my timeline, how do I get rid of it? It's been marked abusive so I can't go to the page and nothing happen when I hover over. Can anyone help?

    • help · 658 days ago

      Open the page with all your 'likes', click 'show other pages'... click or hover over it, a drop down box appears, click 'unlike' and 'unsubscribe'. Done!

  22. JFoster · 671 days ago

    i wonder how difficult it would be for FB to have a dialogue box pop-up with something like

    "you are liking something on an external site, do you really wish to like this item and post it to your timeline? [yes, i 'like' this] [no, i didn't 'like' this]"

    clicking 'no' would then proceed to a dialogue box asking if you'd like to report said lnk/site as spam.

    i'm guessing not that difficult...

    • Duane Ferguson · 657 days ago

      We're talking about people who can't spot the bleedin' obvious, here. How many times have you seen someone claim 'I thought it might be a scam, but clicked on it anyway.' Sometimes I think these people get what they deserve.

    • Lady T · 449 days ago

      They probly get paid to allow these things to be there in the first place lol

  23. lol. maybe only one crazy enough to click on virus to check my security. too funny if it goes to others.

  24. MrJones · 658 days ago

    Is anyone going to actually advise on how to remove this from timeline seeming it's hiden from the user who posted it but visable to all friends

    • Jeremy · 656 days ago

      Just go to your activity log in your profile and remove it there.

      • David R · 623 days ago

        Thanks! Filter by Activity Log, click on Posts and Apps to drop down this menu, click on likes and then look through for this specific one - you can then mark it as spam and delete it!! Thanks for this tip - was getting really cross.

  25. Abs · 630 days ago

    Norton saved me from this :D
    About the only useful thing Norton has ever done for me.
    £54.99 per year well spent. >.<

    • jagq · 449 days ago

      But Norton had not saved me from this. I change my passwords, I run scans, and it keeps coming back.

  26. raynm · 629 days ago

    pop up blocker stopped it lol

  27. chris f · 604 days ago

    I clicked on it and tried to play the video then found out it is some spam thing. Luckily it was not added to m "likes" on my activity log.

  28. tmos21 · 604 days ago

    Flo, I'm afraid your bf is lying to you.

  29. RGVSkyTech · 604 days ago

    [Video] - Girl killed herself, after her dad psted THIS to ...
    My Norton AV blocked this attack by: Web Attack: Facebook LikeJacking Attack 1.
    13-videonow.noq.com.au (184.172.210.108.80)
    FYI I didn't click on it out of curiousity, I clicked on it to view the results so that I could warn my FB friends who have already clicked on it this morning and spread on their friends walls.

  30. Mitch H · 603 days ago

    While being circumspect is a fine -general- suggestion, nothing specific is given here to look for or to avoid.
    Yes, blunt titillation is used, but for the largely unsophisticated bulk of social-media users, that is both common and impossible to ignore. (Read as: "Them's gonna keep a-lookin' no matta whut.")
    I realize it isn't your failure that no clear, specific indicator is available, but that tells me this article should have (yet another) call to FaceBook demanding basic simple protections from misleading links, hidden function buttons, paste-over graphics and unqualified posting through your account.
    These tricks are entirely FaceBook's responsibility and fault.

  31. Kthulu · 601 days ago

    I have to laugh at the "Always google before clicking facebook links"
    Really??? You would spend your whole life researching the so called social media site to make sure everything was safe.

    • Banquo · 558 days ago

      This is not as difficult, or imprudent as it sounds. I've lost count of how many times I've warned friends that their posts were scams, spam or somehow malicious. Given how common this kind of junk web content is, taking a minute to verify the legitimacy of what you are "sharing" is a good idea.

  32. Banquo · 558 days ago

    Interwebz shenanigans aside, if I come across a "news" story with the words "shocking" and "17 year old" in the title, at the very least, I can count on it being just sensationalist, exploitative dribble.

  33. Stephanie · 537 days ago

    Some people are just stupid!

  34. ...... · 509 days ago

    People get Firefox, get NoScript and never fall for this kind of s... again.

  35. Talk all you want about this boiling down to "using common sense" but the spammers and scammers unfortunately mirror the overall low level integrity the entire world has allowed itself to sink with little regard for decency and honesty toward others.

  36. thefloatingskull · 502 days ago

    Fortunately, I deleted all my Social Network Accounts. At the same time most of the spamming websites are automatically blocked by Saudi Govt. I guess my computer should be safe from spammers.

  37. Lady T · 449 days ago

    I was a sucker and got had too. A few months ago a good friend sent this to me. yep I clicked it. not only did it post on my wall, its sent everyone in my contact list (of over 1000+ peeps) the same add. Not to stop there it went so far as to make groups and automatically add every single one of my friends to these groups. So for the next week I had to remove everyone from each group (around 160-200 people) from each group before I could report and shut the group down. It made around 8 groups or so.

    Worst thing is, i couldn't get rid of it and it eventually it killed my PC. I will have to recover my hard drive and reinstall my whole operating system.

    Man....1 freakin click can really make it rain in your cherios! :(

  38. Jeremy Bell · 448 days ago

    Yeah i agree with Cindy because you are the one that clicked on the like button

  39. yes · 275 days ago

    if you use facebook - you read spam all day around and generate money for facebook, so why care there is more spam around?

  40. Peter · 227 days ago

    Apparently I've fallen victim to this likejack.That's not the problem. The real problem is that if friends of my friends (not me or my friends) look at my wall, they will see my having commented on that video and thus parsing it on. However there is no indication in my activity log, that I have liked or commented this video. So shouldn't Facebook be responsible for this? After all it is the Facebook system that presents stuff on my wall that neither I nor my friends can see.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.