Facebook Likejacking a Real Threat

Allison Howen — Tue, 06 Sep 2011 19:30:00 GMT

“Likejacking” is gaining momentum on Facebook, and a new study shows that three out of every 20 videos on Facebook are fake.

Symantec, a security company, recently analyzed “likejacking” scams on Facebook. The company sampled 3.5 million video posts from August 2, and found that 15 percent of the video posts were “likejacking” attacks.

Likejacking comes from the term clickjacking— which tricks someone into clicking something, while a different action is actually taken. With Facebook, the clickjacking happens when a user clicks on something, which actually gives some type of content a “like” without the user’s knowledge.

Likejacking can happen in various ways; however one of the more likely avenues is with a fake video player window that is overlaid with a hidden iframe. A “like” is submitted when a user clicks anywhere on the fake video, and then the scam is also promoted to that person’s friends.

However, likejacking doesn’t only happen with videos. The security firm, Sophos, also reported on the spread of likejacking scams, especially over the long holiday weekend.

Some of the messages that have been used by spammers include “LOL This girl gets OWNED after a POLICE OFFICER reads her STATUS MESSAGE,” “This man takes a picture of himself EVERYDAY for 8 YEARS!!" as well as the one I received this weekend, “OMG! Its unbelievable now you can get to know who views your Facebook profile.. I can see my top profile visitors.”

Likejacking is not only embarrassing and irritating because of the content it posts on your wall, but it can also be dangerous because of its ability to infect PCs with malware and steal account information.

Facebook is not immune to spam or scams— so be careful of what you like and where you click.

Blogger.com Is Security Threat Claims Sophos

Pete Prestipino — Thu, 24 Jul 2008 13:15:00 GMT

Web security firm Sophos has published research regarding cybercrime in the first half of 2008 - and it's a interesting read. According to the Sophos Security Threat Report, website infection rate is three times faster than 2007.

It is estimated that the total number of unique malware samples in existence now exceeds 11 million, with Sophos currently receiving approximately 20,000 new samples of suspicious software every single day - one every four seconds

And what is the number one host for malware on the Web? Blogger. Hackers both set up malicious blogs on the service, and inject dangerous web links and content into innocent blogs in the form of comments. Blogspot.com accounts for 2 percent of all of the world's malware hosted on the web.

Sophos experts note that with the continuing popularity of Web 2.0 social networking sites, including Facebook and LinkedIn, among business users, cybercriminals who have already gained access to user profiles, may begin to use these as corporate directories, noting new employees and launching spear-phishing attacks specifically aimed at stealing information from new and unsuspecting members of staff.

'Net Features : sophos

Facebook Likejacking a Real Threat

Blogger.com Is Security Threat Claims Sophos