Naked celebrities on LinkedIn lead to malware

A blog post by our friends at Trend Micro caught my eye this morning, and got some of the guys within SophosLabs looking a little more closely at some of the profiles listed on the business networking site LinkedIn. It’s astounding how many people signed up on LinkedIn have words like “nude” and “naked” in their job title. It’s probable that some of these are genuine (for instance, the person who claims to be the Chief Nude Parachutist at a New York-based company), but many of them are not.

For example, I think it’s very improbable that Paris Hilton works for a firm called “company B”, and that she would want to post links claiming to be of her notorious sex video. Another celebrity who has fallen foul of a private home movie becoming public is Kim Kardashian. It seems that the hackers who have peppered LinkedIn with false profiles also believe that people will be searching for videos of her, and so they have created a page for her too.

Other names (of various levels of fame) with fake profiles on LinkedIn include Jaime Pressly, Christina Aguilera, Keri Russell, Zooey Deschanel, Lizzy Caplan, Brooke Hogan and Tila Tequila. Some of the links contained in these profiles are currently down, but SophosLabs can confirm that as recently as January 1st 2009 the malicious Troj/Decdec-A JavaScript code was being found on them, downloading further malware onto visiting computers.

It’s a shame that LinkedIn aren’t keeping a closer eye on clearly bogus profiles being created on their site. Certainly spammers, malware authors and other cybercriminals may be abusing the system to link to their web pages in the hope that it will produce a higher ranking in search engines like Google.

‘Sex video’ of Fiona Xie? You’ve been scammed

A new string of scams on social networking site Facebook has claimed its newest victim in former MediaCorp artiste Fiona Xie.

The scam, which appeared several days ago, lures Facebook users into ‘Liking’ a link to a page promising sex videos of the voluptuous 29-year-old. The link features a thumbnail of Xie sitting suggestively in a bathtub along with the tagline “Fiona Xie. Is she REALLY as innocent as she looks?”

Clicking on the link, though, leads to a survey. According to Graham Cluley, a senior technology advisor at online security firm Sophos, this is a common hacking technique known as ‘clickjacking’, in which the scam artist pockets a sum for every survey completed.

By fooling the victim into innocently ‘Liking’ the page, “chances are that you (the user) will be uncomfortable that your friends now know you were seeking sex videos of Fiona Xie,” said Mr Cluley in a blog post.

The Xie scam is believed to be the first of its kind involving a local celebrity. Similar ones doing the rounds on Facebook feature Hollywood stars Justin Bieber and Rihanna, each with the tagline “People totally lost their respect for (the star’s name) after watching this Sick Video”.

Ms Xie, formerly one of Caldecott Hill’s popular ‘Seven Princesses’ and ranked by men’s magazine FHM as one of the 20 sexiest women in the world in 2009, left for Hong Kong in the same year after quitting MediaCorp for unspecified personal reasons. She could not be reached for comment for this story.

Osama bin Laden leaked video scam on Facebook rises yet again

A new version of the variety of Facebook scams we have seen since the death of Osama bin Laden has emerged. Naked Security reader Sampath sent us a tip-off about the newest variation he had seen of a viral scam that poses as a video of the killing of Osama bin Laden:

OSAMA KILLING REAL VIDEO LEAKED

OMG! Real video of Osama Bin laden being killed. Video leaked by wiki leaks. Watch it before it gets deleted.

A link in the message may, at first glance, appear to point to the YouTube website but in fact points to a similar-looking Indian domain name ending in “.in”. If you make the mistake of clicking on the link you are taken to a third-party webpage, which poses as a security verification check from YouTube.
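A defender-side check for the lookalike-link trick described above, as an added example that is not part of the original post: it parses the hostname and decides whether a link really belongs to an allowlisted site or only resembles it. The allowlist, function names and sample URLs are constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumed allowlist: registrable domain -> brand label to watch for in lookalikes.
TRUSTED = {"youtube.com": "youtube"}

def edit_distance(a, b):
    """Levenshtein distance, used to catch near-miss spellings of a brand."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_link(url):
    """Return 'trusted', 'lookalike', 'other' or 'invalid' for a URL."""
    try:
        parts = urlsplit(url)
        host = (parts.hostname or "").rstrip(".")
    except ValueError:
        return "invalid"
    if not host:
        return "invalid"
    # Only an exact match or a true subdomain of an allowlisted domain is trusted.
    if any(host == d or host.endswith("." + d) for d in TRUSTED):
        return "trusted"
    # Text before '@' is userinfo, not the host, but it is what the eye reads first.
    userinfo = parts.netloc.rpartition("@")[0].lower()
    labels = host.split(".")
    tokens = [t for label in labels for t in label.split("-") if t]
    for brand in TRUSTED.values():
        if brand in userinfo or any(brand in label for label in labels):
            return "lookalike"  # brand name used outside the real domain
        if any(edit_distance(t, brand) <= 2 for t in tokens):
            return "lookalike"  # near-miss spelling such as swapped letters
    return "other"

# Constructed sample links (not taken from the scam itself).
SAMPLES = [
    "https://www.youtube.com/watch?v=abc",
    "http://youtube.com.example.in/watch",
    "http://yuotube.example.in/",
    "http://youtube.com@video.example.in/",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(f"{classify_link(sample):10} {sample}")
```

This check does not cover homoglyph (internationalised) hostnames, and a production version would use a public-suffix list rather than a hand-written allowlist.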

Quite why anybody would imagine that typing in the words “real video” is any form of security verification is beyond me.

But what’s happening here is that when you submit the so-called CAPTCHA text you are unknowingly publishing the message to your own Facebook wall. This spreads the message virally to your Facebook friends, and helps spread the scam further on behalf of the bad guys.

The scammers make their money by tricking you into taking an online survey. They earn commission for each person they manage to get to complete it, and you might be the sort of person who is tempted to answer the survey in the belief that you’ll get to see a video of Osama bin Laden being killed.

Keep in mind – the real YouTube would never ask you to complete an online survey before watching a video, and scams like this are rife across Facebook. As long as Facebook users keep falling for scams like this, they’ll carry on being a problem.

At the time of writing this latest iteration of the Osama bin Laden Facebook scam appears to have been eradicated. But I wonder how long before a new variant arises?

Miley Cyrus Sex Tape Hoax Spreading On Facebook

In the newest installment of “Watch your most beloved/hated pop star do malicious things by clicking on this Facebook link!” an alleged Miley Cyrus sex tape is circulating on Facebook, but the entire thing is (surprise!) a scam. Let us know if you’ve seen this on your News Feed.

First it was a supposed sex tape involving Lindsay Lohan which got people RSVP-ing to events that would link them to the video; of course, in reality the whole thing was about making you complete forms online, and the video didn’t exist. Then it was Justin Bieber’s turn, and the promise to see the teen pop star during a “happy” moment actually spread spam and malware to your Facebook friends.

Now, it appears that a new scam is spreading on Facebook, though we have yet to see it appear in our News Feeds. According to Sophos, a status update that goes, “omg Miley Cyrus sex tape [plus link]” is taking over some legitimate Facebook user accounts. It is unclear how the users’ accounts are being compromised at the moment, although the website that the link takes you to is clearly malicious. Do not click on it!

Have you seen this on your page/news feed?

Patrick Swayze’s death kicks off new spam campaign

The death of actor Patrick Swayze has kicked off a new round of spam runs, according to security experts. Researchers with security firm F-Secure reported spotting spam messages on the theme just hours after news of Swayze’s death from pancreatic cancer first broke on news wires. The attacks are believed to use search engine optimization (SEO), loading web pages with references to the actor’s name in the hope of obtaining a higher position in search engine results.

When a user runs a search on Swayze and ends up at the spam page, a pop-up informs the user of a malware “infection” and then displays a pop-up image mimicking the Windows security screen. Users who are duped by the fake security alert will then find their systems infected with a rogue antivirus tool as well as a simple PHP script which logs the user’s country and city location. Researchers think that the information is being gathered for traffic analysis.

The use of current events in spam runs has become a popular tactic for cybercriminals in recent years. The promise of video and photos of hot news topics is often used to dupe users into allowing the installation of malware, adware and phony security tools. Most recently, malware writers took advantage of the anniversary of the 9/11 terrorist attacks to spread their unsavory wares.

In addition, spammers and malware distributors have increasingly made use of search engine optimization techniques to make attack sites more visible and more effective at bringing in victims.

Christina Aguilera video scam spreads virally on Facebook

Another day, another clickjacking scam on Facebook. This certainly seems to be becoming a successful model for scammers who want to earn some cash – and while it’s working so well, why should they change their method?


The latest scam which innocent Facebook users are being tricked into clicking on involves a message about singer and actress Christina Aguilera, who earlier this week was arrested in Hollywood. Though Aguilera was later released, and told that she would not be charged, her boyfriend Matthew Rutler faces a drink-driving charge.

Here’s what the scam looks like when one of your Facebook friends falls for it:

WTF! I just saw a movie how Christina Aguilera got arrested which was a minute ago!! –> [LINK]

SHOCK! SICK! I just saw a movie how Christina Aguilera got arrested which was a minute ago!! –> [LINK]

WICKED! I just saw a movie how Christina Aguilera got arrested which happened minutes ago!! –> [LINK]

As you’re so interested in watching Christina Aguilera the worse for wear with drink, you might not hesitate to click on the video thumbnail. However, your click is being silently clickjacked into telling Facebook that you “Like” the webpage (thus spreading the scam virally) and you are presented with a survey which – if you complete it – will earn commission for the scammers.

A browser plug-in like NoScript can stop the clickjacking from taking place, but if you’re not running something like that, or are not protected with software like Sophos, then you may be unaware that you have reached a clickjacking page.

For many people who have left themselves unprotected, however, the damage is done and you have helped the bad guys spread their scam across Facebook.

Your Facebook profile has been updated to say that you “Like” the video, and your friends may also now be tempted into clicking on the link.

If you fell for the scam, you should clean up your Facebook page as quickly as possible. Fortunately it’s not that difficult to remove the post from your news feed and unlike the page.

Make sure that you stay informed about the latest scams spreading fast across Facebook and other internet attacks. Join the Sophos Facebook page, where more than 60,000 people regularly share information on threats and discuss the latest security news.

You could also do a lot worse than check out our best practices for better privacy and security on Facebook guide.