Dad walks in on Daughter Facebook clickjacking attack helps scammers earn money

Once again, scammers are running rings about Facebook’s built-in security measures by spreading a clickjacking scam between users’ accounts.

The latest attack poses as a link to a video of a dad walking in on his daughter.

Dad walks in on daughter.. embarrassing!

Dad walks in on Daughter.. EMBARRASSING!
[LINK] This really must have been an awkward moment.

We’ve seen scams which use language like this before, of course, and sometimes they’ve been used to trick you into installing software onto your computer.

Interestingly, on this occasion, the image used in the messages is the same as that used in the recent “Baby born amazing effect” scam which has spread with similar ferocity in the last couple of weeks on the social network.

Sign up to our free newsletter.
Security news, advice, and tips.

Clicking on this latest link takes users to a webpage, where it looks as though you need to press the “Play” icon to watch the video.

Dad walks in on daughter video

However, clicking the icon secretly tells Facebook that you “Like” the page (via the use of a clickjacking exploit), helping the scam to perpetuate.

Dad walks in on daughter survey

It will be no surprise at all to regular Naked Security readers that the scam is designed to drive traffic to online surveys – which earns commission for the scammers behind the attack.

When I tried it, the surveys claimed that I could receive a free iPad or MacBook or even a flat-screen television.

Dad walks in on daughter survey

If you’ve been hit by a scam like this, remove the messages and likes from your Facebook page – and warn your friends not to click on the offending links. Clearly there’s much more work which needs to be done by Facebook to prevent these sorts of messages spreading so rapidly.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.