Rationalized Many Face book users are being strike by further click jacking attacks nowadays, captivating improvement of the social network’s “Like” facility. The newest entice is a link which claim to point to a website contain a bare photo of Hayley Williams,the escort singer of the American rock band Paramore.
Exaggerated profiles can be identified by seeing that the Face book user has it seems that “liked” a link:
Paramore n-a-k-ed photo leaked!
The fact that 21-year-old Hayley Williams has lately been the subject of much internet interest after a topless photo of her was leaked online is only likely to fuel attention in the naked pictures promised by these links. But take care, because all may not be what it seems. Clicking on the links takes Face book users to a third-party website which displays a message saying:
Click here to continue if you are 18 years of age or above
What the hackers have really done is very devious. They have concealed an invisible push button under your mouse, so wherever you click on the website your mouse-press is hijack. As a result, when you click with the mouse you’re also clandestinely clicking on a button which tells Face book that you ‘like’ the webpage.
This then gets available on your own Face book page, and shared with your online friends, resulting in the link spreading virally. Attacks like this can increase very fast. Judge by the number of post I’ve seen, thousands have already found it impossible to resist the idea of seeing the lead singer of Paramore naked and have fallen head-first into the “like jacking” trap.
This use of a click jacking exploit to publish the same message (via an invisible frame) to the visiting user’s own Face book page works in a similar fashion to the click jacking attacks we saw earlier this week. It’s clear that Face book needs to tighten up the way it handles the ‘liking’ of external WebPages before it is even more widely abused by hateful hackers and spammers.
If you consider you may have been strike by this attack, view the fresh movement on your news feed and erase entries related to the above links. Furthermore, you ought to view your profile, click on your Info tab and remove any of the pages from your “Likes and interests” section. If you’re a usual user of Face book, you should join the Sophos page on Face book to be kept knowledgeable of the latest security threats.
And, please, if you have Face book friends or associates that have fall foul of this attack please care them about it, and suggest that they click a small more carefully in future. Update fascinatingly, the same third-party website hosting the “Paramore naked photo” click jacking assault is also carrying another webpage containing a click jacking assault connected to teen heart-throb live feeling Justin Bieber.
If you click on a Face book “like” link declaring
Justin Biebers Phone Number Leaked!
Then you may find physically taken to a webpage which says “Click here to continue”.
If you do click then you will have your mouse-press hijacked (declaring to all of your Face book friends that you “Like” “Justin Bieber’s Phone Number Leaked!”) and you will be obtainable with what is claim to be Justin Bieber’s phone number and speak to in Florida.I have no method of effective if the phone number and address are real, and I don’t think it’s suitable to share them regardless, so I’ve pixilated them out in the screenshot above.
Of course, it’s not the first time we’ve seen Justin Bieber’s popularity exploited by cybercriminals.