A new wave of likejacking scams are tricking users to spam their friends and take part in surveys by luring them with intriguing amateur webcam videos.One takes on a guise seen repeatedly in the past. The spammed message reads: "
Dad walks in on daughter... EMBARRASING!!! This really has to be an awkward moment."
The included link takes users to a rogue app which asks them for permission to post on their walls, access which it will later abuse to send spam.
A different scam tries to leverage BBC News's reputation to lend itself more credibility, although the report is clearly not something the news agency would put out.
The lure message reads "
Everyone do check what she did on cam …. --- [link]," with the link varying between goo.gl and bit.ly.
The landing page displays an YouTube video player thumbnail, but trying to see the clip launches a clickjacking attack that forces the user to Like the page without his knowledge.
According to Chester Wisniewski, a senior security advisor at Sophos, the page had over 49,000 likes, prompting questions about the efficiency of Facbook's recently introduced likejacking protection.
At the end of March, the company
introduced a system that automatically enables confirmation prompts for liking pages where suspicious Like patterns are detected.
This system clearly needs refining because so far it has made little difference and researchers haven't succeeded to trigger the prompts either.
The goal of these scams is to convince users to participate in surveys as part of affiliate marketing schemes that reward scammers with hefty commissions.
People who fell victim to these attacks should remove the rogue apps from their accounts, unlike the page and delete the spam messages posted on their walls.
Find us on Google+
No user comments yet.
Be the first to express your opinion!
