Well That Was Embarrassing

Yet another Facebook Clickjacking attack is making the rounds. This time the message shows as below.

A right-click (not left) will allow you to copy the source location and open the link in a protected environment. The link brings up the following image

The “Jaa” button is actually a “Share” button and will post the first picture on your wall. Following the links leads to a survey for which the attackers almost certainly get paid if you complete it. Following through with the “surveys” leads to a YouTube video of a clothed woman on a webcam that is a thinly disguised advertisement for a “sexy webcam” site.

You know, Facebook has their Facial recognition “feature”. Perhaps it is time to recognize a legitimate “share” button too. The current functionality of the Facebook share feature means that users have to know how to inspect links in order to safely use Facebook.

Randy Abrams
Director of Technical Education
Cyber Threat Analysis Center
ESET North America

Author ESET Research, ESET

2 Responses to “Well That Was Embarrassing”

  1. lyecdevf says:

    I never much used facebook.  When the new Google+ becomes available to me I am going to start using that.  I am sure that Google+ is going to be much more secure than failbook is evergoing to be.

  2. Randy Knobloch says:

    Thanks, Randy – that was embarassing.
     

Leave a Reply

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

4 articles related to:
Hot Topic
29 Jun 2011
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.