Current Video Scams on Facebook 14th March 2011







Like-Jacking Explained (Source Scamsniper)

Defined – Like-Jacking is a Facebook-enabled Click-Jacking attack that tricks Facebook users into clicking a hidden “Like Button” on web pages. When a user clicks this hidden Like button, it generates a like for the specific website. If the user is logged into their Facebook account, the like then shows up on their profile wall as a full story and, of course, in their friends' News Feeds, where friends will see the story with its link and may end up clicking it. If friends click the link in the message, the vicious, viral cycle continues through their walls and their friends' walls as each new victim navigates to the like-jacking site and clicks. Below are some examples of Like-Jacking messages currently found on Facebook.
Current Like-Jacking Examples – Be Sure To AVOID Them On Facebook





Important Note: Most Facebook users are unaware that the like-jacking has taken place. The reason for this is that the like button is usually hidden behind a fake video play button or some other object on the web page. Users will instinctively click these fake objects thinking they are harmless. In fact it’s possible for a whole web page to be like-jack enabled, which means any click, anywhere on the page will result in a like-jacking. Like-jacking can be very hard for average Internet users to detect and for this reason it is important that users pay close attention to the websites they visit.
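A defender-side check for the hidden Like button described above, as an added example that is not part of the original article: it scans a page's HTML for Facebook Like-button iframes whose inline style makes them invisible while leaving them clickable. The function names, the opacity threshold and the sample markup are assumptions made for illustration, and only inline styles are inspected.

```javascript
// Added example (not from the original article). Heuristics and sample markup are constructed.
const LIKE_SRC = /^https?:\/\/(www\.)?facebook\.com\/plugins\/like\.php/i;

// Read one quoted attribute value out of a tag's source text.
function attr(tag, name) {
  const m = tag.match(new RegExp('\\s' + name + '\\s*=\\s*(["\'])(.*?)\\1', 'i'));
  return m ? m[2] : '';
}

// Turn an inline style string ("a: b; c: d") into a lowercase property map.
function parseStyle(style) {
  const map = {};
  for (const decl of style.split(';')) {
    const i = decl.indexOf(':');
    if (i > 0) map[decl.slice(0, i).trim().toLowerCase()] = decl.slice(i + 1).trim().toLowerCase();
  }
  return map;
}

// Return one finding per Like-button iframe that is invisible yet still clickable.
function findHiddenLikeFrames(html) {
  const findings = [];
  for (const [tag] of html.matchAll(/<iframe\b[^>]*>/gi)) {
    const src = attr(tag, 'src');
    if (!LIKE_SRC.test(src)) continue;
    const css = parseStyle(attr(tag, 'style'));
    const reasons = [];
    if ('opacity' in css && parseFloat(css.opacity) < 0.1) reasons.push('near-zero opacity');
    if (/alpha\(opacity=0\)/.test(css.filter || '')) reasons.push('legacy IE alpha filter');
    if (reasons.length === 0) continue; // a visible Like button is normal
    if (css.position === 'absolute' || css.position === 'fixed') reasons.push('positioned as overlay');
    findings.push({ src, reasons });
  }
  return findings;
}

// Constructed sample pages: a normal Like button, and one hidden over a fake play button.
const SAMPLE_VISIBLE =
  '<iframe src="https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fexample.com" ' +
  'style="border:none; width:90px; height:21px"></iframe>';
const SAMPLE_HIDDEN =
  '<img src="play.png" alt="Play video">' +
  '<iframe src="https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fexample.com" ' +
  'style="opacity: 0; position: absolute; top: 0; left: 0; z-index: 10"></iframe>';

console.log(findHiddenLikeFrames(SAMPLE_HIDDEN));
```

Pages that hide the button through an external stylesheet or script would need the computed style from a real browser rather than this inline-style scan.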
What You Can Do To Avoid Like-Jacking
The best defense against like-jacking on Facebook is for you to be extra careful. DO NOT assume your friends have liked weird links on purpose. SLOW DOWN and take a second to ask a friend if they actually know about the like message on their wall before you click through. If you are a Firefox user there is a plugin available which can help you detect like-jacking on websites. Below is the information on that plugin.
NoScript (Firefox Plugin)
“It allows JavaScript, Java and other executable content to run only from trusted domains of your choice. It guards your “trusted boundaries” against cross-site scripting attacks (XSS), cross-zone DNS rebinding / CSRF attacks (router hacking), and Clickjacking attempts, thanks to its unique ClearClick technology. It also implements the DoNotTrack tracking opt-out proposal by default. Such a preemptive approach prevents exploitation of security vulnerabilities (known and even unknown) with no loss of functionality.” 
More Info & Download
Mozilla Firefox Add-ons NoScript

NoScript.net
http://noscript.net/

Note: Once you’ve installed NoScript, be sure to enable “ClearClick Protection” on Untrusted and Trusted sites, within its options menu.

How to Recover From Like-Jacking

If you have fallen victim to a Like-Jacking scam, you need to clean up your Facebook profile immediately. You can do this by simply removing the “Like” made to your wall. Remove the “Like” by navigating to your profile wall, locating the like, then clicking on the little “X” at the top right corner of the message. Select “Remove And Unlike” from the menu and the message/Like will be removed.


This will ensure that you do not continue to assist the scam artist in spreading his Like-Jacking ruse to your friends and even further throughout the Facebook network.
