Revenge on an ex-girlfriend or a Facebook clickjacking attack?

Another status update was spreading virally earlier today, exploiting a clickjacking attack that we have seen Facebook scammers use in the past.

Messages were appearing on users’ Facebook accounts saying:

OMG This GUY Went a Little To Far WITH His Revenge On His EX Girlfriend

OMG This GUY Went a Little To Far WITH His Revenge On His EX Girlfriend

Clicking on the link would take your web browser to a page which asked you to click on a red and then a blue box to “confirm” that you are human.

Colourful clickjacking attack

We’ve seen this trick a number of times before, of course.

It’s what I call a colourful clickjacking attack. You think you’re just clicking with your mouse on a red and blue box, but in fact you’re unknowingly liking and sharing the link with all of your Facebook friends.

If thousands of Facebook users like a page, as they did in this incident, then there’s the potential for cybercriminals to send spam to them or distribute a malicious link en masse to their newly-groomed fans.

But let’s continue with our journey through the scam.

Hello! Click here to continue

A hop and a click later, and you finally see what purports to be a letter from a man to his ex-girlfriend..

Revenge letter to an ex-girlfriend

Thousands of Facebook users fell for this, the latest in a long line of scams spreading virally across the network. By the looks of things, Facebook has shut this attack down – but no doubt there will be more on their way.

If you were hit, make sure that you have checked your Facebook profile to remove references to the page and ensure that you only have pages that you *really* like listed under your “like”s.

Of course, none of these attacks would spread if people were more suspicious of unusual posts made by their Facebook friends, and kept themselves informed of the latest tactics used by scammers and cybercriminals. If you want to learn more about security threats on the social network and elsewhere on the internet, join the Sophos Facebook page.