Well That Was Embarrassing

Yet another Facebook Clickjacking attack is making the rounds. This time the message shows as below.

A right-click (not left) will allow you to copy the source location and open the link in a protected environment. The link brings up the following image

The “Jaa” button is actually a “Share” button and will post the first picture on your wall. Following the links leads to a survey for which the attackers almost certainly get paid if you complete it. Following through with the “surveys” leads to a YouTube video of a clothed woman on a webcam that is a thinly disguised advertisement for a “sexy webcam” site.

You know, Facebook has their Facial recognition “feature”. Perhaps it is time to recognize a legitimate “share” button too. The current functionality of the Facebook share feature means that users have to know how to inspect links in order to safely use Facebook.

Randy Abrams
Director of Technical Education
Cyber Threat Analysis Center
ESET North America