Facebook Likejacking a Real Threat

Facebook Likejacking a Real Threat “Likejacking” is gaining momentum on Facebook, and a new study shows that three out of every 20 videos on Facebook are fake.

Symantec, a security company, recently analyzed “likejacking” scams on Facebook. The company sampled 3.5 million video posts from August 2, and found that 15 percent of the video posts were “likejacking” attacks.

Likejacking comes from the term clickjacking— which tricks someone into clicking something, while a different action is actually taken. With Facebook, the clickjacking happens when a user clicks on something, which actually gives some type of content a “like” without the user’s knowledge.

Likejacking can happen in various ways; however one of the more likely avenues is with a fake video player window that is overlaid with a hidden iframe. A “like” is submitted when a user clicks anywhere on the fake video, and then the scam is also promoted to that person’s friends.



From Wikipedia, the free encyclopedia

Likejacking, a form of clickjacking, is a malicious technique of tricking users of a website into posting a Facebook status update for a site they did not intentionally mean to “like”.  The initial concept and code for likejacking were created by a Black Hat World user that goes by the handle thefish2010.

The term “likejacking” came from a comment posted by Corey Ballou[2] in the article How to “Like” Anything on the Web (Safely), which is one of the first documented postings explaining the possibility of malicious activity regarding Facebook’s “like” button.

More News @ KRISARU News