Feb 22, 2011 17:57 GMT

Security researchers from Sophos warn of localized scams on Facebook which trick people into liking spam pages by employing clickjacking techniques.

Clickjacking, also known as user interface (UI) redressing, is a type of attack in which a web page element is made invisible and superimposed over another, so that a click intended for the visible element lands on the hidden one.

It is commonly used on the Web to hijack clicks. Attackers design a transparent button and place it on top of a harmless-looking one which they encourage visitors to click.

In this way, users are tricked into believing they are performing a safe action, when in fact they are authorizing an entirely different one that abuses their authenticated session.

In the case of Facebook clickjacking attacks, the scammers usually hide the Like button and position it on top of other page elements. Because of this, the method is sometimes referred to as likejacking.
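The overlay only works if the target page allows itself to be loaded inside a frame on the scammer's site, so the server-side defence is to forbid framing with the X-Frame-Options header or the CSP frame-ancestors directive. The following is an added example, not code from the article, Sophos or Facebook: a small Node.js helper that reads a response's headers and reports whether an unrelated origin could embed the page. The origins and header values are constructed samples.

```javascript
// Added example, not part of the original article: an audit helper that
// decides from response headers whether a page can be loaded in an <iframe>
// by a given origin. A page any origin can frame is the precondition for
// clickjacking / likejacking. Assumes Node.js; sample data is constructed.

function parseFrameAncestors(csp) {
  // Return the source list of the frame-ancestors directive, or null when
  // the header is absent or carries no such directive.
  if (!csp) return null;
  for (const directive of csp.split(';')) {
    const tokens = directive.trim().split(/\s+/).filter(Boolean);
    if (tokens.length && tokens[0].toLowerCase() === 'frame-ancestors') {
      return tokens.slice(1);
    }
  }
  return null;
}

function sourceMatches(source, pageOrigin, framerOrigin) {
  // Match one frame-ancestors source expression against the framing origin.
  const s = source.toLowerCase();
  const framer = framerOrigin.toLowerCase();
  if (s === '*') return true;
  if (s === "'self'") return framer === pageOrigin.toLowerCase();
  // Scheme source such as "https:" matches any origin with that scheme.
  if (s.endsWith(':') && !s.includes('/')) return framer.startsWith(s);
  // Host wildcard such as "https://*.example.com" matches any subdomain.
  if (s.includes('://*.')) {
    const [scheme, parent] = s.split('://*.');
    const url = new URL(framer);
    return url.protocol === scheme + ':' && url.hostname.endsWith('.' + parent);
  }
  return s === framer; // exact origin
}

function framingAllowed(headers, pageOrigin, framerOrigin) {
  // headers: object keyed by lower-case header name. Returns {allowed, reason}.
  const ancestors = parseFrameAncestors(headers['content-security-policy']);
  if (ancestors !== null) {
    // Browsers that understand frame-ancestors ignore X-Frame-Options when
    // both headers are present, so CSP is evaluated first.
    if (ancestors.length === 0 || ancestors.some(a => a.toLowerCase() === "'none'")) {
      return { allowed: false, reason: "CSP frame-ancestors 'none'" };
    }
    const ok = ancestors.some(a => sourceMatches(a, pageOrigin, framerOrigin));
    return { allowed: ok, reason: `CSP frame-ancestors ${ancestors.join(' ')}` };
  }
  const xfo = (headers['x-frame-options'] || '').trim().toUpperCase();
  if (xfo === 'DENY') return { allowed: false, reason: 'X-Frame-Options: DENY' };
  if (xfo === 'SAMEORIGIN') {
    return {
      allowed: framerOrigin.toLowerCase() === pageOrigin.toLowerCase(),
      reason: 'X-Frame-Options: SAMEORIGIN',
    };
  }
  // No recognised anti-framing header: any origin can embed the page.
  return { allowed: true, reason: 'no anti-framing header' };
}

// Constructed sample responses for three hypothetical sites.
const SAMPLES = {
  'https://unprotected.example': {},
  'https://denied.example': { 'x-frame-options': 'DENY' },
  'https://partner.example': {
    'content-security-policy':
      "default-src 'self'; frame-ancestors 'self' https://*.partner.example",
  },
};

function audit(framerOrigin = 'https://unrelated.example') {
  // Report, per sample site, whether an unrelated origin could frame it.
  const report = {};
  for (const [origin, headers] of Object.entries(SAMPLES)) {
    report[origin] = framingAllowed(headers, origin, framerOrigin).allowed;
  }
  return report;
}

console.log(JSON.stringify(audit(), null, 2));
```

Only the unprotected sample comes back as frameable by an unrelated origin. The helper ignores the obsolete ALLOW-FROM form of X-Frame-Options, and a header check like this says nothing about client-side protections such as the NoScript extension mentioned later in the article; it is a quick way to spot pages that ship without any framing policy at all.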

According to Paul O Baccas, a senior threat researcher at Sophos, scammers are currently using the technique to target non-English speakers who might be less familiar with it.

The expert has spotted at least three different Italian likejacking scams which lure users with messages like "COCA COLA: After watching this video you won't drink Coca Cola. The secret recipe revealed. Watch the video truth" or "Vito and Anna expelled for having slapped Celentano. FRIENDS, HERE IS THE VIDEO OF THE PUNCH IN THE FACE."

A Russian likejacking scam has also been spotted. It asks users to click colored buttons in a particular sequence, allegedly as a human verification method. However, doing so causes the victim's account to Like the rogue page and post a link on their wall.

Firefox users can protect themselves from clickjacking by installing the NoScript extension, which also blocks other attacks like drive-by downloads, cross-site scripting (XSS) or cross-site request forgery (CSRF).