If you imagined that the legal action that Facebook is taking against alleged survey scammers would scare other spammers off the social network, then think again.
Over the weekend a number of scams have been spreading virally, using clickjacking techniques to fool Facebook users into “liking” and “sharing” links with their online friends without realising it.
A typical message reads:
OMG... Look What This 6 YEAR OLD found in Her HAPPY MEAL from McDonalds! on CLICK HERE TO SEE.
If you do make the mistake on clicking on the link you will be taken to a webpage which pretends to be hosted on Facebook, but in fact is designed to
trick you into unknowingly sharing the links with your online acquaintances, and spreading the messages further.
If you click on what appears to be the “Play” button on the video, you are really being clickjacked. You may believe you are just asking the video to play, but in fact your mouse clicks are invisibly confirming that you “Like” the “Look What This 6 YEAR OLD found in Her HAPPY MEAL from McDonalds!” page, and sharing it with your friends via your newsfeed.
Similar virally-spreading messages are pointing to similar pages claiming that you will never send another text message once you watch a video.
We’ve seen other scams use this particular lure in the past.
Clearly, you probably don’t want to spread these messages to your friends. Firstly, remove any status updates pertaining to them from your newsfeed.
Then, if you still find that you’re “liking” the pages you should enter “Edit my profile” on Facebook, click on “Likes and interests” and “Show other pages”.
You may well find that the mischievous pages are listed there, and they can be easily removed.
You should always be wary of suspicious out-of-character posts made by your Facebook friends. If you want to learn more about security threats on the social network and elsewhere on the internet, join the Sophos Facebook page.