Terms Explained – Ever wonder what clickjacking/phishing/hijacking means?


> Keeping you out of trouble is our job, but you need to meet us half way :O)

Below are a few terms that you should make yourself very aware of while you are using Facebook. You will see these terms fly around quite a bit when on the site. Some of the terms, such as Phishing and Clickjacking, apply not only to Facebook but to the Internet as well. Both are very popular methods hackers use outside of Facebook to trick unsuspecting people into giving up their personal information. Take the time to read and understand each term. It is very important that you do so. It can mean the difference between a great experience on the Internet and a really, really bad one.

Phishing:



Defined – A phishing scam is when someone fraudulently and illegally imitates a trustworthy source to steal usernames, passwords, credit card info, etc. It can occur through regular e-mail, a link on the web, Facebook wall posts, Facebook messages, Facebook chat or any other means of communication on the web. On Facebook a Phishing scam is usually done to obtain your login information. On the web it can be used to obtain bank logons and various other pieces of sensitive, valuable user information. On Facebook this will give a hacker access to your Facebook account and allow them to reap your profile info and perform more attacks on the people in your friends list. On the web this type of stolen information can allow a hacker to steal your livelihood. A great example of a Phishing attack can be seen at the link below.


How to Get Hacked on Facebook
http://pandalabs.pandasecurity.com/how-to-get-hacked-on-facebook/


If you want to know more about Phishing & how to avoid it:
http://www.onguardonline.gov/topics/phishing.aspx

Clickjacking:



Defined – A malicious technique of tricking Web users into revealing confidential information, or of taking control of their computer, while they click on seemingly innocent-looking Web pages. It will usually execute without the user’s knowledge, through a button on the web page that appears to perform another function.


Examples can be as follows: The user receives an email with a link to a video about a news item, but another valid page, say a product page on amazon.com, can be “hidden” on top or underneath the “PLAY” button of the news video. The user tries to “play” the video but actually “buys” the product from Amazon.


Other known exploits have been:


* Tricking users into enabling their webcam and microphone through Flash (which has since been corrected by Adobe).
* Tricking users into making their social networking profile information public.
* Making users follow someone on Twitter.
* Making users share links on Facebook.
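
The layering trick described above only works if the real page allows itself to be shown inside another site's frame. The following is an added example, not part of the original post, showing how a site owner can check whether a page's response headers permit that; the function name and the header sets passed to it are constructed for illustration.

```javascript
// Added example (not from the original page).
// Classifies how far a response's headers stop other sites from framing the page.
function framingPolicy(headers) {
  // HTTP header names are case-insensitive, so normalise them first.
  const h = {};
  for (const [name, value] of Object.entries(headers)) {
    h[name.toLowerCase()] = String(value);
  }

  // A CSP frame-ancestors directive takes precedence over X-Frame-Options.
  const csp = h['content-security-policy'] || '';
  for (const directive of csp.split(';')) {
    const [name, ...sources] = directive.trim().toLowerCase().split(/\s+/);
    if (name !== 'frame-ancestors') continue;
    if (sources.includes('*')) return 'frameable-by-anyone';
    if (sources.length === 0 || sources.every(s => s === "'none'")) return 'never-framed';
    if (sources.every(s => s === "'self'")) return 'same-origin-only';
    return 'allowlisted-sites-only';
  }

  const xfo = (h['x-frame-options'] || '').trim().toUpperCase();
  if (xfo === 'DENY') return 'never-framed';
  if (xfo === 'SAMEORIGIN') return 'same-origin-only';
  // Anything else (missing header, a typo, or the obsolete ALLOW-FROM form that
  // current browsers ignore) leaves the page open to being layered in a frame.
  return 'frameable-by-anyone';
}

// Constructed sample header sets, one per outcome.
const samples = [
  { 'X-Frame-Options': 'DENY' },
  { 'Content-Security-Policy': "default-src 'self'; frame-ancestors 'self'" },
  { 'Content-Security-Policy': 'frame-ancestors https://partner.example' },
  { 'X-Frame-Options': 'ALLOW-FROM https://partner.example' },
  {},
];
for (const s of samples) {
  console.log(JSON.stringify(s), '->', framingPolicy(s));
}
```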



Likejacking:



Defined – A Facebook-enabled clickjacking attack that tricks you into clicking links that mark the clicked site as one of your Facebook “likes.” These likes then show up on your profile and, of course, in your Facebook News Feed where your friends can see the link and click it, allowing the vicious, viral cycle to continue through their walls and their friends’ walls.


Rogue Application:



Defined – There are weaknesses in Facebook that allow unscrupulous Facebook application developers to access your Facebook information and to use your Facebook account as a means to spread a fake viral message/ad across Facebook. Once you install a rogue app it does not function as promised. It instead mines your data and/or spams your wall in an attempt to spread itself to your friends and throughout Facebook.




Fake Events:


Defined – One of the latest schemes on Facebook: the creation of Gift Card and electronic giveaway “Events” that appear to have been created, endorsed and referred to you by one of your Facebook friends. Because Facebook details who the creator of an event is and it appears to be from a friend, you automatically believe the scam event. The event has not been created by your friend, but instead by a hacker who has compromised that friend’s account. The whole purpose of the scam, like most on Facebook, is to get you to give up your personal info or to complete some bogus offer/survey with the promise of something for nothing.



Fake Pages or Groups:



Defined – Any page or group that forces you to like, become a fan, join and/or invite all of your friends before it reveals supposedly valuable info or some freebie, “game or other”. Most if not all pages that do this have ulterior motives. One possibility is that they are only looking to increase like numbers to the page so they can brag to their friends they made a page that has “X” number of likes. The other, which is much worse, is to dupe Facebook users into completing surveys or downloading bad apps so they can make a dime off the user and/or mine the user’s personal data in the process. Either way these types of fake Facebook pages open you and your Facebook info up. You should stay away from them.



Status Hijacking:



Defined – When someone takes over another person’s social networking status by posting comments and banter, usually while the status owner is not online, and going off the subject of the original status.




If you follow these 10 facebook anti-hacked commandments, you will be less vulnerable to having your facebook account hacked.


1. Never give out your facebook user name & password.
2. Keep the email address associated with your facebook account under lock and key.
3. Use strong passwords.
4. Don’t click links while on facebook or other web locations indiscriminately.
5. Don’t follow any emails to facebook.
6. Make sure you are logging onto http://www.facebook.com
7. Don’t accept every friend request sent your way.
8. Do not leave your computer on with your Facebook account open.
9. Be sure to have fully working and up-to-date antivirus software on your computer.
10. Share these commandments with everyone on facebook.
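
Commandment 6 is harder than it looks, because a phishing link can contain "www.facebook.com" without leading there. The following is an added example, not part of the original post, that classifies a link by the host the browser would actually connect to; the function name and every sample URL are constructed for illustration.

```javascript
// Added example (not from the original page). All sample URLs are constructed.
const TRUSTED_DOMAIN = 'facebook.com';

function classifyLoginLink(rawUrl) {
  let url;
  try {
    url = new URL(rawUrl);
  } catch (err) {
    return 'unparseable';
  }
  if (url.protocol !== 'http:' && url.protocol !== 'https:') return 'not-a-web-link';

  // "http://www.facebook.com@other.example/" puts the trusted name in the
  // userinfo part; the browser actually connects to other.example.
  if (url.username || url.password) return 'name-hidden-in-userinfo';

  // URL.hostname is already lower-cased; drop a trailing root dot if present.
  const host = url.hostname.replace(/\.$/, '');
  if (host === TRUSTED_DOMAIN || host.endsWith('.' + TRUSTED_DOMAIN)) return 'genuine';

  // Punycode labels (xn--) can display as letters that resemble Latin ones.
  if (host.split('.').some(label => label.startsWith('xn--'))) return 'lookalike-characters';

  // The brand name appears in the host, but the domain belongs to someone else.
  if (host.includes('facebook')) return 'brand-in-wrong-domain';
  return 'unrelated-site';
}

// Constructed sample links, as they might appear in an e-mail or wall post.
const links = [
  'http://www.facebook.com/',
  'http://www.facebook.com@login.example/',
  'http://www.facebook.com.login.example/',
  'http://notfacebook.com/',
];
for (const link of links) {
  console.log(link, '->', classifyLoginLink(link));
}
```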









written by Mr. Black Knight (Co-admin BDE) Owner  ───► Scam Sniper ◄───

Damage Control ( Like-Jacking )

What Like-Jacking Means.
Like-Jacking is a Facebook-enabled Click-Jacking attack that tricks Facebook users into clicking a hidden “Like Button” on external web pages. Most Facebook users are unaware that a like-jacking has taken place because the like button is usually hidden behind a fake video play button or some other object on the web page. Users will instinctively click these fake objects thinking they are harmless. Many Facebook users end up leaving the scam sitting on their wall for days because they never knew it happened. Their friends come along and fall right into the same trap once they click. AVOID IT. Read and share this with your friends.
Damage Control ( For those who have fallen victim. )

How to Recover From Like-Jacking
If you have fallen victim to a Like-Jacking scam, you need to clean up your Facebook profile immediately. You can do this by simply removing the “Like” made to your wall. This will ensure that you do not continue to assist the scam artist in spreading his Like-Jacking ruse to your friends and even further throughout the Facebook network.
How To Remove A Like Message From Your Wall
  1. Navigate to your profile wall by clicking the “Profile” link at the top of your facebook home page.
  2. Scroll down your profile wall till you locate the like, then click on the little “X” at the top right corner of the message. 
  3. Select “Remove And Unlike” from the menu and the message/Like will be removed.
How To Remove An Unwanted Like From Your “Liked Pages List”
A few Facebook users have complained about the unwanted “Likes” remaining in their “Liked Pages List”. This list is located in your profile info area, in the “Activities and Interests” section, under the “Show Other Pages” link. The problem seems to happen even after following the directions listed above. If this happens to you, please follow these directions as well.
  1. Navigate to your profile wall by clicking the “Profile” link at the top of your facebook home page.
  2. Once on your profile page click “Info” right below your profile picture, then Scroll down to the heading “Activities and Interests” and click the “Edit” link to the right.
  3. At the bottom of the Edit Activities and Interests page click the “Show Other Pages” link.
  4. The “Other Pages You Like” dialog box will open and from there you can scroll through your list of liked pages and remove the ones you don’t want by clicking the “Remove Page” button.

Damage Control ( Rogue App )


Rogue Applications Explained ( App Spam )
Defined – There are weaknesses in Facebook that allow unscrupulous Facebook application developers to access your Facebook information and to use your Facebook account as a means to spread fake viral messages/ads across Facebook. Once you install a rogue app it does not function as promised. It instead mines your data and/or spams your wall in an attempt to spread itself to your friends and throughout Facebook.
How to Recover After A Rogue Application Install
If you have installed any Rogue Applications within your Facebook profile, you may currently be spamming your wall and/or your friends’ News Feeds with the Rogue Application’s viral/scam messages. You must remove the messages from your wall by deleting the posts, and remove the rogue app by uninstalling it from your Facebook profile.
How to remove a Rogue Application and its Spam Messages from your profile:
To Remove The Rogue Application’s Messages From Your Wall:
  1. Navigate to your profile wall, then locate the message you want to remove.
  2. Once you’ve located the message click on the little “X” at the top right corner of the message.
  3. At that point Facebook will either open a dialog box which will ask if you are sure you want to remove the post, or it will offer you a menu. If you get the dialog box, simply click the “Remove Post” button in the dialog box to remove the message. If you get the menu, simply select “Remove Post” or “Remove Post and Revoke The Publishing Rights of {App Name}” from the menu and the message will be removed.
To Remove The Rogue Application From Your Facebook Profile:
  1. From your Facebook home page Click Account, then “Privacy Settings“.
  2. Then under the heading “Applications, Games, and Websites” click “Edit Settings“.
  3. To the right of the heading “Applications You Use” Click the “Edit Settings” button.
  4. Finally, find the rogue application you want to remove in the list and click the “Little X” to the right of its name. From there simply follow the Facebook prompts to remove the app.

Damage Control ( Fake FarmVille Animals )

Damage Control ( For those who have fallen victim. )
If you have fallen victim to any of these Fake FarmVille Animal Scams, you need to clean up your facebook profile immediately. You can do this by simply removing the posts made to your wall. This will ensure that you do not continue to assist the scam artist in spreading his ruse to your friends and even further throughout the facebook network. 
To Remove The Fake FarmVille Messages From Your Wall:
  1. Navigate to your profile wall, then locate the message you want to remove.
  2. Once you’ve located the message click on the little “X” at the top right corner of the message.
  3. At that point Facebook will offer you a menu. Select “Mark As Spam” from the menu and the message will be removed. If the message is not removed or reappears on your wall, simply follow steps 1 & 2 again, but this time choose “Remove Post” to have the message permanently removed.