6 year old’s Happy Meal from McDonalds leads to Facebook clickjacking scam

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

If you imagined that the legal action that Facebook is taking against alleged survey scammers would scare other spammers off the social network, then think again.

Over the weekend a number of scams have been spreading virally, using clickjacking techniques to fool Facebook users into “liking” and “sharing” links with their online friends without realising it.

Viral like messages

A typical message reads:

Sign up to our free newsletter.
Security news, advice, and tips.

OMG... Look What This 6 YEAR OLD found in Her HAPPY MEAL from McDonalds! on CLICK HERE TO SEE.

If you do make the mistake on clicking on the link you will be taken to a webpage which pretends to be hosted on Facebook, but in fact is designed to
trick you into unknowingly sharing the links with your online acquaintances, and spreading the messages further.

Happy Meal horror scam Facebook page

If you click on what appears to be the “Play” button on the video, you are really being clickjacked. You may believe you are just asking the video to play, but in fact your mouse clicks are invisibly confirming that you “Like” the “Look What This 6 YEAR OLD found in Her HAPPY MEAL from McDonalds!” page, and sharing it with your friends via your newsfeed.

Similar virally-spreading messages are pointing to similar pages claiming that you will never send another text message once you watch a video.

I Will NEVER TEXT Again After Seeing THIS!!

We’ve seen other scams use this particular lure in the past.

Clearly, you probably don’t want to spread these messages to your friends. Firstly, remove any status updates pertaining to them from your newsfeed.

Then, if you still find that you’re “liking” the pages you should enter “Edit my profile” on Facebook, click on “Likes and interests” and “Show other pages”.

Liked pages which can be removed

You may well find that the mischievous pages are listed there, and they can be easily removed.

You should always be wary of suspicious out-of-character posts made by your Facebook friends. If you want to learn more about security threats on the social network and elsewhere on the internet, join the Sophos Facebook page.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.