Lost all respect for Emma Watson? Facebook clickjacking attack spreads virally

Lost all respect for Emma Watson? Facebook clickjacking attack spreads virally

Emma Watson, the actress who plays the part of Hermione Granger in the Harry Potter movies, has found herself the subject of a clickjacking scam on Facebook.

Users of the social network have seen messages posted by their online friends claiming to have lost all respect for Emma Watson, after watching a video starring the young actress.

Emma Watson message on Facebook

I lost all respect for Emma Watson when I seen this video! Outrageous!

Other versions may read:

i lost all respect for emma watson when i saw this video! outrageous!

If you’re curious enough to click on the link, your browser will be taken to a webpage which pretends to be a YouTube-style video site called FbVideo.

Emma Watson clickjacking page

If you’ve got this far, you’ll probably be tempted to click to view the video. However, like the many clickjacking attacks we saw on Facebook last year, you will be invisibly clicking on a “Like” button without your knowledge, sharing the link further with your friends.

The page is designed to display a survey scam, which both earns money for the scammers and can trick you into handing over your mobile phone number to sign you up for a premium rate SMS service.

Sign up to our free newsletter.
Security news, advice, and tips.

You can protect yourself from clickjacking threats like this by using browser plugins such as NoScript for Firefox.

But wouldn’t it be great if Facebook required users to confirm that they wished to “Like” a webpage? That would make scams like have a harder time spreading virally via the social network.

By the way, other versions of the scam are using the names of Miley Cyrus.

Miley Cyrus Facebook message

If you find you have accidentally “Liked” an offending webpage, remove references to it from your wall and check your profile settings.

It can also make sense to logout from Facebook when you are not actively using it to reduce the chances of you being tricked into “Liking” things you don’t really like.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.