Sophos Cloud Optix
Another day, another clickjacking scam on Facebook. This certainly seems to be becoming a successful model for scammers who want to earn some cash – and while it’s working so well, why should they change their methodology?
The latest scam which innocent Facebook users are being tricked into clicking on involves a message about singer and actress Christina Aguilera, who earlier this week was arrested in Hollywood. Although Aguilera was later released, and told that she would not be charged, her boyfriend Matthew Rutler faces a drink-driving charge.
Here’s what the scam looks like when one of your Facebook friends falls for it:
WTF! I just saw a movie how Christina Aguilera got arrested which was minutes ago!! --> [LINK]
SHOCK!SICK! I just saw a movie how Christina Aguilera got arrested which was minutes ago!! --> [LINK]
WICKED! I just saw a movie how Christina Aguilera got arrested which happened minutes ago!! --> [LINK]
The links take your browser to a website which looks like a YouTube-style video portal, calling itself FbVideo.
As you’re so interested in watching Christina Aguilera the worse-for-wear with drink, you might not hesitate to click on the video thumbnail. However, your click is being silently clickjacked into telling Facebook that you “Like” the webpage (thus spreading the scam virally) and you are presented with a survey which – if you complete it – will earn commission for the scammers.
A browser plugin like NoScript can prevent the clickjacking from taking place, but if you’re not running something like that or not protected with software like Sophos then you may be unaware that you have reached a clickjacking page.
For many people who have left themselves unprotected, however, the damage is done and you have helped the bad guys spread their scam across Facebook.
Your Facebook profile has been updated to say that you “Like” the video, and your friends may also now be tempted into clicking on the link.
If you fell for the scam, you should clean-up your Facebook page as quickly as possible. Fortunately it’s not that tricky to remove the post from your newsfeed and unlike the page.
Make sure that you stay informed about the latest scams spreading fast across Facebook and other internet attacks. Join the Sophos Facebook page, where more than 60,000 people regularly share information on threats and discuss the latest security news.
You could also do a lot worse than check out our best practices for better privacy and security on Facebook guide.
How do I remove a post and Unlike it ?
View it on your newsfeed. You should see a small "x" in the top right of the post. (You may have to roll your mouse over the top right hand corner of the post for the "X" to appear). Click it and it will give you the option to both remove the message, and unlike the page.
Hope that helps
Thanks for the heads up Graham. No surprise to see them taking advantage of another celebrities misfortune.