Facebook Likejacking a Real Threat

Allison Howen
by Allison Howen 06 Sep, 2011

"Likejacking" is gaining momentum on Facebook, and a new study shows that three out of every 20 videos on Facebook are fake.

Symantec, a security company, recently analyzed "likejacking" scams on Facebook. The company sampled 3.5 million video posts from August 2, and found that 15 percent of the video posts were "likejacking" attacks.

Likejacking comes from the term clickjacking- which tricks someone into clicking something, while a different action is actually taken. With Facebook, the clickjacking happens when a user clicks on something, which actually gives some type of content a "like" without the user's knowledge.

Likejacking can happen in various ways; however one of the more likely avenues is with a fake video player window that is overlaid with a hidden iframe. A "like" is submitted when a user clicks anywhere on the fake video, and then the scam is also promoted to that person's friends.

However, likejacking doesn't only happen with videos. The security firm, Sophos, also reported on the spread of likejacking scams, especially over the long holiday weekend.

Some of the messages that have been used by spammers include "LOL This girl gets OWNED after a POLICE OFFICER reads her STATUS MESSAGE," "This man takes a picture of himself EVERYDAY for 8 YEARS!!" as well as the one I received this weekend, "OMG! Its unbelievable now you can get to know who views your Facebook profile.. I can see my top profile visitors."

Likejacking is not only embarrassing and irritating because of the content it posts on your wall, but it can also be dangerous because of its ability to infect PCs with malware and steal account information.

Facebook is not immune to spam or scams- so be careful of what you like and where you click.