Giant snakes eating zookeepers and unwatchable videos – Facebook hit again by clickjacking scams

Facebook users are once again suffering from an onslaught of clickjacking survey scams, designed to fool them into unwittingly saying they “Like” a link to drive web traffic that simply fills the pockets of scammers.

Here’s just one example we have seen in the last hour:

Facebook scam

97% of ALL People Can NOT Watch THIS VIDEO For More Than 25 Seconds!

Can YOU?! Watch the video and see how long you can last! Good Luck!

You can imagine why some Facebook users might be tempted to click on the link, but the truth of the matter is that the poster did not knowingly share the link with his Facebook friends. Instead, he was tricked into saying he “Like”d the link through a clickjacking attack.

If you were tempted to click on the link you would be taken to a page which appears ready to play a video.

Facebook scam

The webpage looks like it’s part of Facebook, and most people wouldn’t hesitate to press the “Play” button on the video. But the reality is that the play button secretly hides some additional code.

The Mac computer I tested the scam on was running Sophos’s free Mac anti-virus, which was smart enough to alert me to the danger posed by the button:

Facebook scam

However, if you hadn’t properly protected your computer you might find that you are being clickjacked into invisibly saying you “Like” the link on Facebook without realising.

In my testing, pressing the button said that I “liked” a different scam – this one related to a video allegedly showing a zookeeper being eaten by a giant snake.

Facebook scam

[VIDEO] Snake Eats MAN!

CAUGHT ON TAPE- A Giant Snake Swallows Up A Zookeeper in Front of Hundreds of People!

In this way the scam can spread rapidly between your online friends, increasing the traffic to the real page the scammers want you to visit – one which asks you to take part in an online quiz or survey.

Facebook scam

A free iPhone 4S? You’ll be lucky. Scams like this can earn millions of dollars for those behind them in the form of affiliate commission and by – sometimes – signing your mobile phone up for premium rate services.

If you see a scam like this on your newsfeed – be sure to remove it, and report it as spam to Facebook. That way you will no longer be sharing the offending link with your friends.

Report the message as spam

If you’re a Facebook user and want to keep up on the latest threats and security news I would recommend you join the Sophos Facebook page – where more than 190,000 people regularly discuss the latest attacks.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.
