Recently, some of my friends and family have been victims of Likejacking at Facebook. It’s a type of clickjacking in which you are tricked into “Likeing” a website. It’s never happened to me, but I’ve just been very lucky. After a short time studying these Likejacking scams, I can see that it’s easy to be tricked. Below are three examples and how it works.
As you can see, these are very tempting and they look like legitimate “Likes” from your friends. If you click to open them, you are taken to a page, normally with a video on it that needs to be clicked to play.
Clicking to play it, will instantly “Like” this page on your wall. You can’t see it, but there’s a hidden “Like” button under your mouse cursor, no matter where you click on the page. Isn’t that sneaky?
Usually, you’ll be directed to fill out surveys before you are allowed to see a video. The hackers get paid for getting people to fill them out.
One defense against Likejacking is to use the Firefox browser with the NoScript add-on. If you are using Opera or Chrome browsers, you might try NotScripts.
Here’s what it looks like when a hidden Likejack is detected with NoScript.
In Google’s Chrome browser, you can right click on a link in Facebook and open it in “Incognito” mode. That way, you won’t be logged into Facebook when you arrive at the new page.
So far, I haven’t seen that feature in other browsers, but I think it can be added via extensions or addons.
Your best defense is some common sense. You will need to be more suspicious of your friends’ posts. It’s hard to resist temptation, but it’s also good for you.
0 comments:
Post a Comment