14 DAY TRIAL // A new likejacking attack is rapidly spreading on Facebook by tricking users with an allegedly shocking video of Emma Watson.
The 20-year-old British actress, best known for her portrayal of Hermione Granger in the Harry Potter movies, has a very strong fan base, particularly among minors.
This makes her a very good target for scams and it's actually a bit surprising that her name isn't misused in such attacks more often.
According to security researchers from Sophos, the scam currently circulating on Facebook generates messages that read "I lost all respect for Emma Watson when I seen this video! Outrageous!"
The advertised link takes users to a YouTube spoof site which displays a video player thumbnail that reads "please watch this video only if you are 16 years or older."
Clicking on the play button actually forces the user to Like the page. This is done with the help of so called clickjacking techniques which involve hiding a button and placing it on top of another in order to hijack mouse clicks.
For a while, in looked like Facebook scammers had given up on clickjacking and switched to other propagation methods, such as tricking users into installing rogue apps. However, the technique seems to be making a comeback.
The fake YouTube page takes users to another one that asks them to complete a survey before being given access to the content.
Of course, there is no video and all this is just a way for scammers to make money via affiliate marketing schemes.
Graham Cluley, a senior technology consultant at Sophos, points out that there is also a variation of this scam going around and using Miley Cyrus as lure.
"If you find you have accidentally 'Liked' an offending webpage, remove references to it from your wall and check your profile settings," the security researcher advises.