Facebook Once Again Faces Internet Fraud

According to UK-based security firm Sophos, users of popular social engineering site Facebook have been attacked by another kind of Internet fraud.

The security firm said that the spammers are making use of 'like button' to lure Facebook users into allowing a clickjacking worm to enter their PCs. Facebook's "Like button", which is a tiny thumbs-up icon, if clicked by a user gets automatically inserted on his profile page that carries a link to some content user thinks important to be checked out by his friend.

Further details of the scam reveal that the scam includes concealing an invisible 'like' button beneath the mouse pointer of the user. As a result, if the user is logged into this social networking site, a click on any part of the infected page will make his Facebook profile updated to say that he also 'Like' that page. Then the victim is redirected to pictures of some female celebrities. The victim has in fact clicked the Troj/Iframe-ET virus.

Therefore, while the user is busy browsing the pictures of various Hollywood actresses, the malicious spam is playing his game -- ready to receive a click from the unaware user and to further spread the infection.

The security firm said that the latest scam is a part of CPALead advertising network that makes use of a cost-per-action model. User's click on dodgy Facebook links just helps scammers to make more profit.

In the context of the current attack, Graham Cluley, Senior Technology Consultant at Sophos, stated on his blog that Facebook seriously needs to look into the matter as clickjacking worms are increasingly making the site their target, as per the news published by thinq.co.uk on June 15, 2010.

Cluley added that the way of handling the 'liking' of outside webpages should be tightened by the social network before hackers and spammers abuse it extensively. He also advised Facebook users that in case they suspect that they have been scammed, they should examine their profile. If they find any suspicious entries related to the page, they should delete them immediately. They should not forget to warn friends who might probably have clicked on malevolent link.

In addition to this, users should be aware of all the recent scams that are circulating on Facebook because Facebook has nowadays become a lucrative target for cybercriminals.

Related article: Facebook Users Should be Careful of a Computer Virus

» SPAMfighter News - 6/25/2010