Cheryl Cole clickjacking on Facebook, posing as a BBC news report

Cheryl Cole clickjacking on Facebook, posing as a BBC news report

Cheryl ColeGirls Aloud pop star Cheryl Cole, famous in the UK for her role as a judge on top TV show “The X Factor” which had its grand final last night, is being exploited by scammers on Facebook.

Scammers are using a clickjacking technique to trick users into “liking” a webpage without their knowledge, believing it to be a BBC News report about paparazzi photographs that have exposed the popular celebrity.

Using the familiar banner of the BBC News website, the story beneath is not exactly the err.. content you would normally associate with the British Broadcasting Corporation. Instead it shows a typically tabloid pararazzi photograph of Cheryl Cole getting out of a car while wearing a short skirt.

Cheryl Cole likejacking page

Hardly the most convincing replica of the BBC website I’ve ever seen, but if you are tempted to click on the page uses a clickjacking technique to invisibly “like” the webpage, sharing it with all of your Facebook friends and buddies.

Cheryl Cole likejacking message

BBC News: Cheryl Cole Exposed Paparazzi Photos !

You won’t realise, however, that your Facebook page has been updated unless you specifically look at your feed.

Instead, chances are that some fans of Cheryl Cole will venture further, seeing another page which looks distinctly unlike those normally produced by the BBC – and ultimately a picture that is often printed in the more lowbrow British newspapers.

Cheryl Cole uncensored

So, what’s all the purpose of all this? Well, it appears that once again scammers are abusing Facebook users to drive traffic to online surveys – designed to earn them commission for every survey completed.

It’s really time that something more serious was done about spam like this, which has been exploiting Facebook users for far too long.

If you have been hit by a scam like this, delete the messages from your newsfeed and remove the “like”s from your profile.

If you want to get earlier warning about security threats on the social network and elsewhere on the internet, you could do a lot worse than join the Sophos Facebook page.